CVE-2024-51379

Vulnerability Description

Stored Cross-Site Scripting (XSS) vulnerability discovered in JATOS v3.9.3. The vulnerability exists in the description component of the study section, where an attacker can inject JavaScript into the description field. This allows for the execution of malicious scripts when an admin views the description, potentially leading to account takeover and unauthorized actions.

Vulnerability Details

Published Date

November 05, 2024

Last Modified

June 24, 2025

Source

NVD

CVE-2024-51379

Vulnerability Description

Vulnerability Details

Discussion (0)

Add Comment