CVE-2024-6183

A vulnerability classified as problematic has been found in EZ-Suite EZ-Partner 5. Affected is an unknown function of the component Forgot Password Handler. The manipulation leads to basic cross site scripting. It is possible to launch the attack remotely. VDB-269154 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
Link Resource
https://vuldb.com/?ctiid.269154 Permissions Required VDB Entry
https://vuldb.com/?id.269154 Third Party Advisory VDB Entry
https://vuldb.com/?submit.353713 VDB Entry
https://vuldb.com/?ctiid.269154 Permissions Required VDB Entry
https://vuldb.com/?id.269154 Third Party Advisory VDB Entry
https://vuldb.com/?submit.353713 VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:ez-suite:ez-partner:5:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-06-20 12:15

Updated : 2024-11-21 09:49


NVD link : CVE-2024-6183

Mitre link : CVE-2024-6183

CVE.ORG link : CVE-2024-6183


JSON object : View

Products Affected

ez-suite

  • ez-partner
CWE
CWE-80

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')