CVE-2024-56882

MEDIUM

Sage DPW < 2024_12_000 - Stored Cross-Site Scripting via Kurstitel and Kurzinfo Input Fields

Title source: llm

Exploitation Summary

EIP tracks one public exploit for CVE-2024-56882: a PoC published by trustcves.

AI-analyzed exploit summary: This writeup details a stored XSS vulnerability in Sage DPW in which authenticated users with employee privileges can inject JavaScript into input fields such as 'Kurstitel' and 'Kurzinfo'. The payload executes when other users, including managers, interact with the injected content.

Description

Sage DPW before 2024_12_000 is vulnerable to stored Cross-Site Scripting (XSS). Low-privileged Sage users with the employee role can permanently store JavaScript in the Kurstitel (course title) and Kurzinfo (short description) input fields. The injected payload executes in the browser of every authenticated user who views and interacts with the modified data elements, including users with higher privileges such as managers.
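The exploit summary and the description above both come down to one rendering defect: the stored Kurstitel/Kurzinfo values are emitted into HTML without output encoding. The following is an added illustration, not code from Sage DPW or from the trustcves writeup. It shows the vulnerable concatenation pattern next to an entity-encoded rendering that neutralises it, plus a heuristic sweep a defender can run over exported course records after patching, since the vendor fix stops new injections but does not clean payloads already stored. The sample records and the payloads in record 3 are constructed for this example and are not the published PoC.

```python
import html
import re

# Constructed sample data modelled on the two fields the advisory names
# (Kurstitel = course title, Kurzinfo = short description). Record 3 carries
# illustrative payloads; they are not the published PoC.
SAMPLE_COURSES = [
    {"id": 1, "Kurstitel": "Arbeitssicherheit Grundkurs",
     "Kurzinfo": "Pflichtschulung für alle Mitarbeiter"},
    {"id": 2, "Kurstitel": "Excel <b>Advanced</b>",
     "Kurzinfo": "Pivot & Makros"},
    {"id": 3, "Kurstitel": "Onboarding<script>alert(document.domain)</script>",
     "Kurzinfo": "<img src=x onerror=alert(1)>"},
]

UNTRUSTED_FIELDS = ("Kurstitel", "Kurzinfo")


def render_course_row_unsafe(course):
    """Vulnerable pattern: stored field values concatenated straight into HTML.

    Whatever the employee typed into Kurstitel/Kurzinfo is emitted verbatim, so
    a stored <script> or event-handler attribute runs in every viewer's browser.
    """
    return (f'<tr data-id="{course["id"]}">'
            f'<td>{course["Kurstitel"]}</td><td>{course["Kurzinfo"]}</td></tr>')


def render_course_row_safe(course):
    """Hardened rendering: HTML-entity-encode every untrusted value.

    html.escape(quote=True) converts < > & " ' so the stored text is displayed
    as text in element bodies and attribute values alike; the browser never
    sees a tag or handler it could execute.
    """
    def esc(value):
        return html.escape(str(value), quote=True)
    return (f'<tr data-id="{esc(course["id"])}">'
            f'<td>{esc(course["Kurstitel"])}</td>'
            f'<td>{esc(course["Kurzinfo"])}</td></tr>')


# Heuristic for already-stored markup: a tag, an on*= event handler, or a
# javascript: URL. Deliberately broad; benign markup is flagged for review too.
_MARKUP = re.compile(r"<\s*/?\s*[a-z]|\bon[a-z]+\s*=|javascript\s*:", re.IGNORECASE)


def scan_courses(courses, fields=UNTRUSTED_FIELDS):
    """Return (id, field) pairs whose stored value looks like HTML/JS.

    Intended for a one-off sweep of existing course records after patching:
    the fix prevents new injections but leaves what is already stored.
    """
    hits = []
    for course in courses:
        for field in fields:
            if _MARKUP.search(str(course.get(field, ""))):
                hits.append((course["id"], field))
    return hits


if __name__ == "__main__":
    for c in SAMPLE_COURSES:
        print("UNSAFE:", render_course_row_unsafe(c))
        print("SAFE:  ", render_course_row_safe(c))
    print("Flagged:", scan_courses(SAMPLE_COURSES))
```

Note that record 2 is flagged as well: a title containing literal `<b>` is rendered harmlessly as text by the safe renderer, but a sweep cannot tell intent from content, so flagged rows need a human look rather than automatic deletion. Entity encoding for the HTML body/attribute context is the fix that matches this CWE-79 finding; a Content-Security-Policy without `unsafe-inline` is a worthwhile second layer but not a substitute.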

Exploits (1)

nomisec WRITEUP
by trustcves · poc
https://github.com/trustcves/CVE-2024-56882


Classification
Writeup 100%
Attack Type
XSS
Complexity
Trivial
Reliability
Reliable
Target: Sage DPW < 2024_12_000
Auth required
Prerequisites: Authenticated user with employee privileges (MA role)
devstral-2 · analyzed Feb 16, 2026

References (1)


Scores

CVSS v3.1 5.4
EPSS 0.0039
EPSS Percentile 30.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
sagedpw/sage_dpw < 2024_12_000
Published Feb 18, 2025
Tracked Since Feb 18, 2026