PT-2024-21079 · Syncro Soft · Oxygen Xml Web Author+1
Published
2024-05-13
·
Updated
2024-10-29
·
CVE-2024-25662
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Oxygen XML Web Author versions prior to 26.0.0
Oxygen Content Fusion versions prior to 6.1
Description
The issue allows for Cross-Site Scripting (XSS) attacks using malicious URLs.
Recommendations
For Oxygen XML Web Author versions prior to 26.0.0, update to version 26.0.0 or newer.
For Oxygen Content Fusion versions prior to 6.1, update to version 6.1 or newer.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Oxygen Content Fusion
Oxygen Xml Web Author