1 results (0.005 seconds)
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2022-24573
https://notcve.org/view.php?id=CVE-2022-24573
A stored cross-site scripting (XSS) vulnerability in the admin interface in Element-IT HTTP Commander 7.0.0 allows unauthenticated users to get admin access by injecting a malicious script in the User-Agent field. Una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en la interfaz de administración en Element-IT HTTP Commander versión 7.0.0, permite a usuarios no autenticados conseguir acceso de administrador inyectando un script malicioso en el campo User-Agent • http://element-it.com https://www.element-it.com/news.aspx • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •