High severity7.6NVD Advisory· Published Apr 30, 2024· Updated Jun 17, 2026
CVE-2024-4337
CVE-2024-4337
Description
Adive Framework 2.0.8, does not sufficiently encode user-controlled inputs, resulting in a persistent Cross-Site Scripting (XSS) vulnerability via the /adive/admin/nav/add, in multiple parameters. This vulnerability allows an attacker to retrieve the session details of an authenticated user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: =2.0.8
- Range: 2.0.8
Patches
Vulnerability mechanics
References
1- www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-adive-frameworknvdThird Party Advisory
News mentions
0No linked articles in our index yet.