XSS in Poznan Supercomputing And Networking Center Dingo Dlibra
CVE-2024-7124
Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.010 (59.9th percentile) — read the EPSS interpretation.
Affected products
- Poznan Supercomputing And Networking Center Dingo Dlibra — versions 6.0
Weakness classification (CWE)
Public proof-of-concept exploits
References
- cvd@cert.pl (third-party-advisory)
- cvd@cert.pl (third-party-advisory)
- cvd@cert.pl (product)
Frequently asked questions
- What is CVE-2024-7124?
- CVE-2024-7124 is a vulnerability in Poznan Supercomputing And Networking Center Dingo Dlibra, classified under Cross-site Scripting. Published 2024-11-14.
- Is CVE-2024-7124 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.