Vulnerability Details CVE-2024-10289
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/ManageSubscription, parameter MSubListName.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.4%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2024-10289
-
cpe:2.3:a:ujangrohidin:localserver:1.0.9