This issue affects Business Process Manangement (BPM): from 6.6.4.4 before 6.6.4.5.
Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2024-44351 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Stored XSS.This issue affects Business Process Manangement (BPM): from 6.6.4.4 before 6.6.4.5. |
Wed, 03 Jun 2026 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 03 Jun 2026 14:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Stored XSS.This issue affects Business Process Manangement (BPM): from 6.6.4.4 before 6.6.4.5. | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Stored XSS. This issue affects Business Process Manangement (BPM): from 6.6.4.4 before 6.6.4.5. |
| References |
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: TR-CERT
Published:
Updated: 2026-06-03T13:59:49.342Z
Reserved: 2024-05-10T13:27:51.089Z
Link: CVE-2024-4754
Updated: 2024-08-01T20:47:41.682Z
Status : Deferred
Published: 2024-06-24T09:15:10.083
Modified: 2026-06-17T08:02:35.653
Link: CVE-2024-4754
No data.
OpenCVE Enrichment
No data.
EUVD