Security Advisory

CVE-2024-5409

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-27 12:17:41

Last updated 2024-08-01 21:11:12

Assigner INCIBE

State PUBLISHED

Description

RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details.

← Browse all CVEs View on cve.org ↗