We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-36498

Stored cross site scripting



Description

Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "Edit Disclaimer Text" function of the configuration menu is vulnerable to stored XSS. Only the users Poweruser and Admin can use this function which is available at the URL https://$SCANNER/cgi/admin.cgi?-rdisclaimer+-apre The stored Javascript payload will be executed every time the ScanWizard is loaded, even in the Kiosk-mode browser. Version 7.40 implemented a fix, but it could be bypassed via URL-encoding the Javascript payload again.

Reserved 2024-05-29 | Published 2024-12-12 | Updated 2024-12-12 | Assigner SEC-VLab

Problem types

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Product status

Default status
affected

7.40 before 7.42
affected

Credits

Daniel Hirschberger (SEC Consult Vulnerability Lab) finder

Tobias Niemann (SEC Consult Vulnerability Lab) finder

References

r.sec-consult.com/imageaccess third-party-advisory

www.imageaccess.de/?page=SupportPortal&lang=en patch

cve.org (CVE-2024-36498)

nvd.nist.gov (CVE-2024-36498)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-36498

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.