VYPR
Unrated severityNVD Advisory· Published Jan 30, 2024· Updated Jun 9, 2025

Cogites eReserv config.php cross site scripting

CVE-2024-1026

Description

A vulnerability was found in Cogites eReserv 7.7.58 and classified as problematic. This issue affects some unknown processing of the file front/admin/config.php. The manipulation of the argument id with the input %22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-252293 was assigned to this vulnerability.

Affected products

2
  • Cogites/eReservllm-fuzzy2 versions
    = 7.7.58+ 1 more
    • (no CPE)range: = 7.7.58
    • (no CPE)range: 7.7.58

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.