Vulnerability Details CVE-2024-50857
The ip_do_job request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting (XSS). It allows data exfiltration and enables CSRF attacks. The vulnerability requires specific user permissions within the application to exploit successfully.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.3%
CVSS Severity
CVSS v3 Score 4.8
References