Medium severity6.1NVD Advisory· Published Oct 23, 2024· Updated Jun 17, 2026
CVE-2024-10288
CVE-2024-10288
Description
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/SubscribeToList, parameter ListName.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.0.9+ 1 more
- (no CPE)range: <=1.0.9
- (no CPE)range: 1.0.9
Patches
Vulnerability mechanics
References
1- www.incibe.es/en/incibe-cert/notices/aviso/multiple-xss-vulnerabilities-localservernvdThird Party Advisory
News mentions
0No linked articles in our index yet.