QwikSec

Security Database

CVE

CWE

Training

CVE-2024-5961

Published: Jun 14, 2024

Modified: Aug 1, 2024

PUBLISHED

Description

Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software versions from 7.2.31 through 7.6.4.

Vendor	Product	Versions
Trol InterMedia Sp. z o.o. Sp. k.	2ClickPortal	affected `7.2.31 - <= 7.6.4`

Weaknesses (CWE)

References

https://cert.pl/en/posts/2024/06/CVE-2024-5961/

third-party-advisory

https://cert.pl/posts/2024/06/CVE-2024-5961/

third-party-advisory

https://2clickportal.pl/

product

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.