| Vulnerability Details | |
|---|---|
| Severity | Medium |
| Reported | 22 January 2022 |
| Reported by | Hazem Osama |
| Fixed | 1 February 2022 |
| Affected Builds | Builds below 125583 |
| Fixed in | Build 125584 |
| Overview | There was a stored XSS vulnerability in the Schedule name field of the Schedule page |
| Recommended Fix | For builds below 125583, please contact NCM support |
Earlier, there was a stored XSS vulnerability in the Schedule name field of Schedule page. This issue is fixed now.
We recommend you to contact NCM support for recommended fix.
Source and Acknowledgements
Find out more about CVE-2022-24703 from the CVE dictionary.
For clarification or corrections please contact our support team or email us at ncm-support@manageengine.com.