CVE-2024-45176

Name of the Vulnerable Software and Affected Versions za-internet C-MOR Video Surveillance version 5.2401

Description An issue was discovered due to improper input validation, making the C-MOR web interface vulnerable to reflected cross-site scripting (XSS) attacks. Different functions are prone to reflected cross-site scripting attacks due to insufficient user input validation.

Recommendations For version 5.2401, consider disabling the web interface temporarily until a patch is available to prevent exploitation of the reflected cross-site scripting vulnerability. Restrict access to the C-MOR web interface to minimize the risk of exploitation. Avoid using the web interface for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.