VYPR
Medium severity · 4.7 · NVD Advisory · Published Dec 11, 2024 · Updated Apr 15, 2026

CVE-2024-50585

Description

Users who click on a malicious link or visit a website under the control of an attacker can be infected with arbitrary JavaScript which is running in the context of the "Numerix License Server Administration System Login" (nlslogin.jsp) page. The vulnerability can be triggered by sending a specially crafted HTTP POST request.

The vendor was unresponsive during multiple attempts to contact them via various channels, hence there is no solution available. In case you are using this software, be sure to restrict access and monitor logs. Try to reach out to your contact person for this vendor and request a patch.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Reflected XSS in Numerix License Server Administration System Login allows arbitrary JavaScript execution via crafted HTTP POST request.

The Numerix License Server Administration System Login (nlslogin.jsp) is vulnerable to a reflected cross-site scripting (XSS) attack [1]. An attacker can inject arbitrary JavaScript by sending a specially crafted HTTP POST request to the login page, which then executes in the victim's browser.

To exploit this, the attacker must trick a victim into clicking a malicious link or visiting an attacker-controlled website that triggers the POST request. No prior authentication is required from the attacker, but the victim must have an active session in the application for the script to run in the context of the login page.

Successful exploitation allows the attacker to execute arbitrary JavaScript in the context of the Numerix License Server Administration System Login page. This could lead to session hijacking, credential theft, or other client-side attacks.

The vendor was unresponsive during disclosure, so no official patch is available. Users are advised to restrict network access to the application and monitor logs for suspicious activity [1].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 0

No patches discovered yet.

Vulnerability mechanics

Root cause

"Improper neutralization of user-controllable input in HTTP POST requests before reflection in the nlslogin.jsp page allows cross-site scripting."

Attack vector

An attacker crafts a malicious HTTP POST request containing arbitrary JavaScript payloads and sends it to the vulnerable nlslogin.jsp endpoint [ref_id=1]. The server reflects the injected input in its response, and when a victim clicks a malicious link or visits an attacker-controlled website that triggers this POST request, the JavaScript executes in the context of the login page [ref_id=1]. No authentication is required, and the only user interaction needed is clicking the link or visiting the attacker's site [CWE-79].

Affected code

The vulnerability resides in the "Numerix License Server Administration System Login" page (nlslogin.jsp) [ref_id=1]. The server reflects user-controllable input from HTTP POST requests into the web page without proper neutralization, allowing injected JavaScript to be served back to the victim's browser [ref_id=1].

What the fix does

No patch or fix is available. The vendor was unresponsive during multiple contact attempts via support@numerix.com, sales@numerix.com, and info@agilis-sw.com between April and July 2024 [ref_id=1]. The advisory recommends restricting access to the software, monitoring logs, and requesting a patch from the vendor as remediation [ref_id=1].

Preconditions

  • Input: Victim must click a malicious link or visit an attacker-controlled website
  • Auth: No authentication required
  • Network: Network access to the Numerix License Server Administration System Login page

Generated on May 27, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References: 2

News mentions: 0

No linked articles in our index yet.