CNNVD-202507-1490 Information

CNNVD ID

CNNVD-202507-1490

Related CVE

CVE-2024-36697

• CNNVD Published: 2025-07-10

Description (Chinese)

Allworx System Software是美国Allworx公司的一款通信软件平台。 Allworx System Software v9.1.9.12版本存在安全漏洞，该漏洞源于Admin Login页面中对SessionID参数处理不当，可能导致跨站脚本攻击。

Description (English)

AllWorkx Systems Software is a communications software platform for AllWorx in the United States. The security loophole in version Allwork System Software v91.9.12 stems from the inappropriate handling of SesionID parameters on Admin Login’s page, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

Allworx

Published

2025-07-10

Last Modified

2026-02-24

References

https://gist.github.com/roidrage52/d3e419550b91ff041abd55f698fb1e16 http://allworx.com https://nvd.nist.gov/vuln/detail/CVE-2024-36697