CVE-2024-46081 Information

Description

Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting (XSS). An authenticated user can craft malicious payloads in the To-Do List. The assigned user will trigger a stored XSS which is particularly dangerous because tasks are assigned to various users on the platform.

Reference

https://blog.hawktesters.com/zero-day-alert-scriptcase-vulnerabilities-xss/