CVE-2024-24257 Information

Description

An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an attacker to obtain sensitive information via a crafted script to the csl/user component.

Reference

https://idssgmcc.github.io/aran.github.io/1.html