Security Advisory

CVE-2024-42834

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-13 00:00:00

Last updated 2024-11-18 19:28:51

Assigner mitre

State PUBLISHED

Description

A stored cross-site scripting (XSS) vulnerability in the Create Customer API in Incognito Service Activation Center (SAC) UI v14.11 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the lastName parameter.

← Browse all CVEs View on cve.org ↗