Medium severity5.4NVD Advisory· Published Nov 15, 2024· Updated Jun 17, 2026
CVE-2024-50983
CVE-2024-50983
Description
FlightPath 7.5 contains a Cross Site Scripting (XSS) vulnerability, which allows authenticated remote attackers with administrative rights to inject arbitrary JavaScript in the web browser of a user by including a malicious payload into the Last Name section in the Create/Edit Faculty/Staff User or Create/Edit Student User sections.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: = 7.5
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.