CVE-2024-42831 Information

Description

A reflected cross-site scripting (XSS) vulnerability in Elaine’s Realtime CRM Automation v6.18.17 allows attackers to execute arbitrary JavaScript code in the web browser of a user via injecting a crafted payload into the dialog parameter at wrapper_dialog.php.

Reference

http://elaine.com http://realtime.com https://seclists.org/fulldisclosure/2024/Sep/49