Security Advisory

CVE-2024-5406

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-27 11:50:55

Last updated 2024-08-01 21:11:12

Assigner INCIBE

State PUBLISHED

Description

A vulnerability had been discovered in WinNMP 19.02 consisting of an XSS attack via index page in from, subject, text and hash parameters. This vulnerability could allow a remote user to send a specially crafted query to an authenticated user and steal their session details.

← Browse all CVEs View on cve.org ↗