CVE-2024-28804: n/a
An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Stored Cross-site scripting (XSS) can occur via POST.
AI Analysis
Technical Summary
CVE-2024-28804 identifies a stored Cross-site Scripting (XSS) vulnerability in Italtel i-MCS NFV version 12.1.0-20211215. Stored XSS occurs when malicious input submitted via POST requests is improperly sanitized and stored by the application, later executed in the browsers of users accessing the affected interface. This vulnerability is classified under CWE-79, indicating a failure to properly neutralize input that is included in web pages. The attack vector is network-based (AV:N), requiring no privileges (PR:N), but does require user interaction (UI:R) such as clicking a crafted link or viewing a malicious page. The scope is changed (S:C), meaning the vulnerability affects components beyond the initially vulnerable component, potentially impacting other users or systems. The impact includes partial loss of confidentiality, integrity, and availability (C:L/I:L/A:L), as attackers can execute arbitrary scripts to hijack sessions, manipulate displayed content, or perform unauthorized actions on behalf of users. Although no known exploits have been reported in the wild, the vulnerability poses a significant risk due to the critical role of Italtel i-MCS NFV in network function virtualization for telecommunications providers. The absence of published patches necessitates immediate mitigation efforts by affected organizations.
Potential Impact
The vulnerability can lead to unauthorized script execution in the context of legitimate users, enabling attackers to steal sensitive information such as session cookies, credentials, or configuration data. It can also allow attackers to perform actions on behalf of users, potentially disrupting network management or service provisioning. Given that Italtel i-MCS NFV is used in telecommunications network function virtualization, exploitation could impact critical infrastructure, leading to service degradation or outages. The compromise of management interfaces could also facilitate further lateral movement or persistent access within affected networks. The high CVSS score reflects the ease of exploitation over the network and the broad impact on confidentiality, integrity, and availability. Organizations worldwide relying on this product for NFV orchestration and management face risks of data breaches, operational disruption, and reputational damage.
Mitigation Recommendations
1. Implement strict input validation and output encoding on all user-supplied data, especially data submitted via POST requests, to prevent malicious script injection.
2. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers.
3. Limit user privileges and access to the management interfaces of Italtel i-MCS NFV to trusted personnel only.
4. Monitor logs and network traffic for unusual POST requests or suspicious activities indicative of attempted XSS exploitation.
5. If possible, deploy web application firewalls (WAFs) with rules targeting common XSS attack patterns to provide an additional layer of defense.
6. Engage with Italtel support channels to obtain patches or updates as they become available and apply them promptly.
7. Educate users and administrators about the risks of clicking on untrusted links or submitting unverified data to the system.
8. Conduct regular security assessments and penetration testing focusing on web interface vulnerabilities to detect similar issues proactively.
Affected Countries
Italy, United States, Germany, France, United Kingdom, Spain, Brazil, India, Japan, South Korea
Technical Details
- Data Version: 5.1
- Assigner Short Name: mitre
- Date Reserved: 2024-03-11T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 699f6d98b7ef31ef0b589237
Added to database: 2/25/2026, 9:46:00 PM
Last enriched: 2/26/2026, 11:28:17 AM
Last updated: 4/12/2026, 12:44:52 AM