MidnightBSD

Advisories for act-on

CVE-2024-24507

Cross Site Scripting vulnerability in Act-On 2023 allows a remote attacker to execute arbitrary code via the newUser parameter in the login.jsp component.

Products Affected

Vendor Product Version
act-on act-on 2023