PT-2025-17585 · Unknown · Volmarg Personal Management System
Published
2025-04-22
·
Updated
2025-05-19
·
CVE-2024-53569
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Volmarg Personal Management System version 1.4.65
Description
A stored cross-site scripting (XSS) issue exists in the New Goal Creation section, allowing authenticated attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the
description parameter.Recommendations
For Volmarg Personal Management System version 1.4.65, consider disabling the New Goal Creation section until a patch is available to prevent exploitation. Restrict access to this feature to minimize the risk of arbitrary script execution. Avoid using the
description parameter in the affected section until the issue is resolved.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Volmarg Personal Management System