Medium severity5.4NVD Advisory· Published Nov 13, 2024· Updated Apr 15, 2026

CVE-2024-42834

Description

A stored cross-site scripting (XSS) vulnerability in the Create Customer API in Incognito Service Activation Center (SAC) UI v14.11 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the lastName parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Cybersec Supra/CVE 2024 42834references
Incognito/Service Activation Center UIllm-create
Range: =14.11

Patches

Vulnerability mechanics

News mentions

No linked articles in our index yet.

cvss	0.351
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000