CVE-2024-41504

Name of the Vulnerable Software and Affected Versions Jetimob Plataforma Imobiliaria version 20240627-0

Description The issue concerns a Cross Site Scripting (XSS) problem. In the "Oportunidades" section of the application, when creating or editing an "Atividade", the form field "Descrico" allows injection of JavaScript.

Recommendations For Jetimob Plataforma Imobiliaria version 20240627-0, as a temporary workaround, consider restricting the use of the "Descrico" form field in the "Oportunidades" section until a patch is available. Avoid using this field for any input that may contain JavaScript code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.