CVE-2024-8528 – ALC WebCTRL Carrier i-Vu Reflected XSS due to unsanitized parameter

CVE ID : CVE-2024-8528

Published : Nov. 19, 2025, 2:15 p.m. | 49 minutes ago

Description : Reflected XSS using a specific URL in Automated Logic WebCTRL and Carrier i-VU can allow delivery of malicious payload due to a specific GET parameter not being sanitized.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…