CVE-2024-10923

EUVD-2024-33352
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ ALM Octane Management allows Stored XSS. The vulnerability could result in a remote code execution attack. 

This issue affects ALM Octane Management: from 16.2.100 through 24.4.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
Common Weakness Enumeration
References
https://portal.microfocus.com/s/article/KM000036146?language=en_US