XSS in Meddiff Technologies Instarispacs
CVE-2024-2259
This vulnerability exists in InstaRISPACS software due to insufficient validation of user supplied input for the loginTo parameter in user login module of the web interface of the application. A remote attacker could exploit this vulnerabi…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.005 (38.9th percentile) — read the EPSS interpretation.
Affected products
- Meddiff Technologies Instarispacs — versions 3.0.0, <=4.0.0 Build 29, <=5.0.0 Build 19
Weakness classification (CWE)
References
- vdisclose@cert-in.org.in (third-party-advisory)