CyberSec-Supra

1 exploit Active since Nov 2024
CVE-2024-42834 NOMISEC MEDIUM NO CODE
Incognito Service Activation Center UI 14.11 - Stored XSS via Create Customer API
A stored cross-site scripting (XSS) vulnerability in the Create Customer API in Incognito Service Activation Center (SAC) UI v14.11 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the lastName parameter.
CVSS 5.4