cve/2024/CVE-2024-52882.md

### [CVE-2024-52882](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52882)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to improper neutralization of input via the devices API, an attacker can inject malicious JavaScript code (XSS) to attack logged-in administrator sessions.

### POC

#### Reference
- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-076.txt

#### Github
No PoCs found on GitHub currently.
Update CVE sources 2025-09-29 16:08 2025-09-29 16:08:36 +00:00			`### [CVE-2024-52882](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52882)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to improper neutralization of input via the devices API, an attacker can inject malicious JavaScript code (XSS) to attack logged-in administrator sessions.`

			`### POC`

			`#### Reference`
			`- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-076.txt`

			`#### Github`
			`No PoCs found on GitHub currently.`