PT-2024-32576 · Unknown · Campcodes Legal Case Management System

Yylm

Published

2024-05-10

Updated

2024-06-04

CVE-2024-4736

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Campcodes Legal Case Management System version 1.0

Description A issue was found in the system, affecting some unknown functionality of the file /admin/tax. The manipulation of the name argument leads to cross site scripting. The attack can be launched remotely.

Recommendations For Campcodes Legal Case Management System version 1.0, consider restricting access to the /admin/tax file until a fix is available. As a temporary workaround, avoid using the name argument in the affected file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2024-4736

Affected Products

Campcodes Legal Case Management System

PT-2024-32576 · Unknown · Campcodes Legal Case Management System

CVE-2024-4736

Weakness Enumeration

Related Identifiers

Affected Products

References · 6