CVE-2024-52882 Information

Description

An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to improper neutralization of input via the devices API an attacker can inject malicious JavaScript code (XSS) to attack logged-in administrator sessions.

Reference

https://www.audiocodes.com/solutions-products/products/management-products-solutions/one-voice-operations-center https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-076.txt