{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T04:04:02.780","vulnerabilities":[{"cve":{"id":"CVE-2024-10722","sourceIdentifier":"security@huntr.dev","published":"2025-03-20T10:15:19.140","lastModified":"2026-06-17T06:56:16.090","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability exists in phpipam/phpipam version 1.5.2. The vulnerability allows attackers to inject malicious scripts into the 'Description' field of custom fields in the 'IP RELATED MANAGEMENT' section. This can lead to data theft, account compromise, distribution of malware, website defacement, content manipulation, and phishing attacks. The issue is fixed in version 1.7.0."},{"lang":"es","value":"Existe una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en phpipam/phpipam versión 1.5.2. Esta vulnerabilidad permite a los atacantes inyectar scripts maliciosos en el campo \"Descripción\" de los campos personalizados de la sección \"GESTIÓN DE IP\". Esto puede provocar robo de datos, vulneración de cuentas, distribución de malware, desfiguración de sitios web, manipulación de contenido y ataques de phishing. El problema está corregido en la versión 1.7.0."}],"affected":[{"source":"security@huntr.dev","affectedData":[{"vendor":"phpipam","product":"phpipam/phpipam","versions":[{"version":"unspecified","lessThan":"1.7.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-20T17:48:32.150855Z","id":"CVE-2024-10722","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpipam:phpipam:*:*:*:*:*:*:*:*","versionEndExcluding":"1.7.0","matchCriteriaId":"896B6AA4-8068-41F4-ACD4-92893E5BB0AD"}]}]}],"references":[{"url":"https://github.com/phpipam/phpipam/commit/c1697bb6c4e4a6403d69c0868e1eb1040f98b731","source":"security@huntr.dev","tags":["Patch"]},{"url":"https://huntr.com/bounties/f0bc97b2-33a9-4b15-aa05-ff7c57624847","source":"security@huntr.dev","tags":["Exploit","Third Party Advisory"]}]}}]}