Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-28734

Published: 19/03/2024 Updated: 25/04/2024

Vulnerability Summary

Cross Site Scripting vulnerability in Unit4 Financials by Coda before 2023Q4 allows a remote malicious user to run arbitrary code via a crafted GET request using the cols parameter.

Exploits

Exploit DB: Financials By Coda Cross Site Scripting
Financials by Coda versions prior to 2023Q4 suffer from a cross site scripting vulnerability ...

References

https://packetstormsecurity.com/files/177619/Financials-By-Coda-Cross-Site-Scripting.htmlhttps://www.unit4.com/https://www.unit4.com/products/financial-management-softwarehttps://nvd.nist.govhttps://packetstormsecurity.com/files/177619/Financials-By-Coda-Cross-Site-Scripting.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injectCVE-2024-34001CVE-2024-37018LFICVE-2024-1275CVE-2024-1086CSRFCVE-2024-31030CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook