High severityNVD Advisory· Published Dec 20, 2024· Updated Apr 15, 2026
CVE-2024-10385
CVE-2024-10385
Description
Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS (Cross-site Scripting), which allows a low-privileged user to inject and store malicious JavaScript code. If an admin views the ticket, the script might perform actions with their privileges, including command execution. This issue has been fixed in version 1.668 of DirectAdmin Evolution Skin.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <1.668
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.