CVE-2024-51322 Information

Description

Cross Site Scripting vulnerability in Zucchetti Ad Hoc Infinity 2.4 allows an authenticated attacker to achieve Remote Code Execution via the /jsp/home.jsp /jsp/gsfr_feditorHTML.jsp /servlet/SPVisualZoom /jsp/gsmd_container.jsp components

Reference

https://members.backbox.org/zucchetti-ad-hoc-infinity-multiple-vulnerabilities/ https://members.backbox.org/zucchetti-ad-hoc-infinity-multiple-vulnerabilities/