VYPR
Medium severity6.5NVD Advisory· Published Mar 28, 2024· Updated Apr 15, 2026

CVE-2024-25506

CVE-2024-25506

Description

Cross Site Scripting vulnerability in Process Maker, Inc ProcessMaker before 4.0 allows a remote attacker to run arbitrary code via control of the pm_sys_sys cookie.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.