CVE-2024-50857

Name of the Vulnerable Software and Affected Versions GestioIP version 3.5.7

Description The ip do job request is vulnerable to Cross-Site Scripting (XSS), allowing data exfiltration and enabling CSRF attacks. The vulnerability requires specific user permissions within the application to exploit successfully.

Recommendations For GestioIP version 3.5.7, consider disabling the ip do job request as a temporary workaround until a patch is available. Restrict access to the vulnerable request to minimize the risk of exploitation. Avoid using the ip do job request until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.