Unrated severityNVD Advisory· Published May 27, 2024· Updated Aug 1, 2024
Cross-site Scripting vulnerability in RhinOS from SaltOS
CVE-2024-5409
Description
RhinOS 3.0-1190 is vulnerable to an XSS via the "tamper" parameter in /admin/lib/phpthumb/phpthumb.php. An attacker could create a malicious URL and send it to a victim to obtain their session details.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.