CVE-2024-6058
CVSS 2.0 Score 4.0 of 10 (medium)
Details
Published Jun 17, 2024
Updated: Jun 20, 2024
CWE ID 79
Summary
CVE-2024-6658 is a newly disclosed vulnerability affecting LabVantage LIMS 2017. The issue lies in the manipulation of height/width arguments in the file /labvantage/rc, leading to a cross-site scripting (XSS) attack. This flaw can be exploited remotely, allowing attackers to inject malicious code into unsuspecting users' browsers. The exploit has been made public, increasing the risk of widespread use. The vulnerability has been assigned the identifier VDB-268785. Regrettably, the vendor has not yet responded to previous disclosure notifications.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- LIMS