CVE-2024-3654 Information

Description

An XSS vulnerability has been found in Teimas Global’s Teixo version 1.42.42-stable. This vulnerability could allow an attacker to send a specially crafted JavaScript payload via the \seconds\ parameter in the program’s URL resulting in a possible takeover of a registered user’s session.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-vulnerability-teixo-teimas-global