CVE-2024-51320 Information

Description

Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /servlet/gsdm_fsave_htmltmp /servlet/gsdm_btlk_openfile components

Reference

https://members.backbox.org/zucchetti-ad-hoc-infinity-multiple-vulnerabilities/ https://members.backbox.org/zucchetti-ad-hoc-infinity-multiple-vulnerabilities/