PT-2024-37619 · Mesbook · Mesbook

David Utón Amaya · Published 2024-07-03 · Updated 2024-07-07 · CVE-2024-6427

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

MESbook version 202221021.03

Description

The issue is related to an Uncontrolled Resource Consumption vulnerability. An unauthenticated remote attacker can use the message parameter to inject a payload with dangerous JavaScript code, causing the application to loop requests on itself. This could lead to resource consumption and potentially disable the application.

Recommendations

For version 202221021.03, consider disabling the use of the message parameter until a patch is available to prevent exploitation. As a temporary workaround, restrict access to the application to minimize the risk of resource consumption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Resource Exhaustion

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

CVE-2024-6427

Affected Products

Mesbook