Vulnerabilities

CVE-2024-9969

by Fred · 15/10/2024

NewType WebEIP v3.0 does not properly validate user input, allowing a remote attacker with regular privileges to insert JavaScript into specific parameters, resulting in a Reflected Cross-site Scripting (XSS) attack. The affected product is no longer maintained. It is recommended to upgrade to the new product.

More information : https://www.twcert.org.tw/tw/cp-132-8134-c476d-1.html

Similar

Tags: Cybersecurity Alert