XSS in Poznan Supercomputing and Networking Center DInGO dLibra

CVE-2024-7124

Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.010 (59.9th percentile)

Frequently asked questions

What is CVE-2024-7124?
CVE-2024-7124 is a vulnerability in Poznan Supercomputing and Networking Center DInGO dLibra, classified under Cross-site Scripting. Published 2024-11-14.

Is CVE-2024-7124 known to be exploited?
Two public proof-of-concept repositories are indexed. It is not currently listed in the CISA KEV catalog.