CVE Catalog

CVE-2024-41505

MediumCVSS 6.1
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.22%

12th percentile - higher than 12% of all known CVEs

Summary

Cross-Site Scripting (XSS) vulnerability in Jetimob Plataforma Imobiliaria version 20240627-0. An attacker can inject malicious script via the "Profisso" field in the "Pessoas" section.

Risk Assessment

Risk of session hijacking, account takeover, or unauthorized actions performed in the victim's context.

Recommendation

Immediately update the system to the latest version and apply input filtering and encoding for the "Profisso" field.

Original NVD description (English source)

Jetimob Plataforma Imobiliaria 20240627-0 is vulnerable to Cross Site Scripting (XSS) in the "Pessoas" (persons) section via the field "Profisso" (professor).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS