CVE-2024-4754 | HackTesting

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Stored XSS.This issue affects Business Process Manangement (BPM): from 6.6.4.4 before 6.6.4.5.

Credits

Ertuğrul KUZGUN

References

https://www.usom.gov.tr/bildirim/tr-24-0739