CVE-2024-30889 Information

Description

Cross Site Scripting vulnerability in audimex audimexEE v.15.1.2 and fixed in 15.1.3.9 allows a remote attacker to execute arbitrary code via the service method widget_type request_id payload parameters.

Reference

https://github.com/robymontyz/pocs/blob/main/AudimexEE/ReflectedXSS.md