CVE-2024-50859

MEDIUM

GestioIP 3.5.7 - Reflected Cross-Site Scripting via ip_import_acl_csv Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-50859. PoCs published by Maximiliano Belino.

AI-analyzed exploit summary This exploit demonstrates a Reflected XSS vulnerability in GestioIP 3.5.7 via the ip_import_acl_csv endpoint. The vulnerability allows an attacker to upload a malicious file containing HTML/JavaScript, which is reflected in the browser without proper sanitization, leading to potential data exfiltration or CSRF attacks.

Description

The ip_import_acl_csv request in GestioIP v3.5.7 is vulnerable to Reflected XSS. When a user uploads an improperly formatted file, the content may be reflected in the HTML response, allowing the attacker to execute malicious scripts or exfiltrate data.

Exploits (1)

exploitdb WORKING POC
by Maximiliano Belino · textremotemultiple
https://www.exploit-db.com/exploits/52202

This exploit demonstrates a Reflected XSS vulnerability in GestioIP 3.5.7 via the ip_import_acl_csv endpoint. The vulnerability allows an attacker to upload a malicious file containing HTML/JavaScript, which is reflected in the browser without proper sanitization, leading to potential data exfiltration or CSRF attacks.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: GestioIP v3.5.7
Auth required
Prerequisites: ACL connection management enabled in GestioIP · Access to the import/export functionality
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 4.8
EPSS 0.0111
EPSS Percentile 78.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
gestioip/gestioip 3.5.7
Published Jan 14, 2025
Tracked Since Feb 18, 2026