CVE-2024-21584 Information

Description

Pleasanter 1.3.49.0 and earlier contains a cross-site scripting vulnerability. If an attacker tricks the user to access the product with a specially crafted URL and perform a specific operation an arbitrary script may be executed on the web browser of the user.

Reference

https://pleasanter.org/archives/vulnerability-update-202401 https://jvn.jp/en/jp/JVN51135247/