CVE-2024-31847 Information

Description

An issue was discovered in Italtel Embrace 1.6.4. A stored cross-site scripting (XSS) vulnerability allows authenticated and unauthenticated remote attackers to inject arbitrary web script or HTML into a GET parameter. This reflects/stores the user input without sanitization.

Reference

https://www.gruppotim.it/it/footer/red-team.html