CVE-2024-50861: The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key"...

Description

The ip_mod_dns_key_form.cgi request in GestioIP v3.5.7 is vulnerable to Stored XSS. An attacker can inject malicious code into the "TSIG Key" field, which is saved in the database and triggers XSS when viewed, enabling data exfiltration and CSRF attacks.

Classification

CVE ID: CVE-2024-50861

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 17.78% (share of scored vulnerabilities with an EPSS score less than or equal to this one)

EPSS Date: 2025-02-12 (date this score was calculated)

References

https://github.com/muebel/gestioip-docker-compose
http://www.gestioip.net
https://github.com/maxibelino/CVEs/tree/main/CVE-2024-50861

Timeline