PT-2024-38581 · Unknown · Vsrm Supplier Relationship Management System
Yagiz Bilgili
·
Published
2024-11-14
·
Updated
2024-11-15
·
CVE-2024-7787
CVSS v4.0
5.1
Medium
| Vector | AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L |
Name of the Vulnerable Software and Affected Versions
vSRM Supplier Relationship Management System versions prior to 28.08.2024
Description
The issue affects the vSRM Supplier Relationship Management System, allowing Reflected XSS, or Cross-Site Scripting (XSS), due to improper neutralization of input during web page generation. This can lead to malicious script execution.
Recommendations
For versions prior to 28.08.2024, upgrade the affected components immediately to resolve the issue. As a temporary workaround, consider restricting access to vulnerable components of the vSRM Supplier Relationship Management System to minimize the risk of exploitation.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Vsrm Supplier Relationship Management System