Security Advisory

CVE-2024-9969

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-15 03:26:33

Last updated 2024-10-15 15:34:43

Assigner twcert

State PUBLISHED

Description

NewType WebEIP v3.0 does not properly validate user input, allowing a remote attacker with regular privileges to insert JavaScript into specific parameters, resulting in a Reflected Cross-site Scripting (XSS) attack. The affected product is no longer maintained. It is recommended to upgrade to the new product.

← Browse all CVEs View on cve.org ↗