CVE-2024-48392

Vulnerability Description

OrangeScrum v2.0.11 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into user email due to lack of input validation, which could lead to account takeover.

Vulnerability Details

Published Date

January 21, 2025

Last Modified

September 30, 2025

Source

NVD

CVE-2024-48392

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment