CVE-2024-41513 Information

Description

A reflected cross-site scripting (XSS) vulnerability in \Artikel.aspx\ in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the \searchindex\ parameter.

Reference

https://piuswalter.de/blog/multiple-critical-vulnerabilities-in-cadclick/ http://cadclick.de/ http://kimweb.de/