CVE Catalog

CVE-2024-41503

MediumCVSS 6.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.22%

12th percentile - higher than 12% of all known CVEs

Summary

Cross-Site Scripting (XSS) vulnerability in Jetimob Plataforma Imobiliaria allows an attacker to inject malicious script into the 'Título' (title) field within the filter save option of the 'Busca' (search) function.

Risk Assessment

An attacker can steal user sessions, redirect users to malicious sites, or perform other harmful actions in the context of the victim's browser.

Recommendation

Update the platform to the latest version and implement input validation and encoding for the 'Título' field.

Original NVD description (English source)

Jetimob Plataforma Imobiliaria 20240627-0 is vulnerable to Cross Site Scripting (XSS) in the field "Ttulo" (title) inside the filter Save option in the "Busca" (search) function.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS