CVE-2024-12756
HIGHDescription
An HTML Injection vulnerability in Avaya Spaces may have allowed disclosure of sensitive information or modification of the page content seen by the user.
Is your site exposed to CVE-2024-12756?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| avaya | spaces |
References
Other References
Frequently Asked Questions
What is CVE-2024-12756? +
How severe is CVE-2024-12756? +
What products are affected by CVE-2024-12756? +
How do I check if I'm vulnerable to CVE-2024-12756? +
Related Vulnerabilities
A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged authenticated …
Improper Validation of Specified Type of Input vulnerability in OpenText™ Content Management (Extended ECM) allows Parameter Injection. A bad actor …
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the …
A security issue exists due to improper handling of CIP Class 32’s request when a module is inhibited on the …
Synapse is an open source Matrix homeserver implementation. Lack of validation for device keys in Synapse before 1.138.3 and in …
Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v3.08.01; NEXUS Series v3.08.01 ; MATRIX Series v3.08.01 allows …