CVE-2024-8526

Name of the Vulnerable Software and Affected Versions: Automated Logic WebCTRL version 7.0

Description: A vulnerability could allow an attacker to send a maliciously crafted URL, which when visited by an authenticated WebCTRL user, could result in the redirection of the user to a malicious webpage via "index.jsp".

Recommendations: For Automated Logic WebCTRL version 7.0, consider restricting access to the "index.jsp" page until a patch is available. As a temporary workaround, avoid using the vulnerable URL redirection feature in the affected version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.