CVE-2024-48569

Name of the Vulnerable Software and Affected Versions Proactive Risk Manager version 9.1.1.0

Description The issue concerns multiple Cross-Site Scripting (XSS) vulnerabilities. These vulnerabilities are found in the add/edit form fields, specifically at URLs starting with the subpaths: "/ar/config/configuation/" and "/ar/config/risk-strategy-control/".

Recommendations For Proactive Risk Manager version 9.1.1.0, consider restricting access to the affected form fields and URLs starting with "/ar/config/configuation/" and "/ar/config/risk-strategy-control/" until a fix is available. As a temporary workaround, avoid using the add/edit functionality in these areas to minimize the risk of exploitation.