Lucene search
MitreCVE-2024-31651HistoryApr 15, 2024 - 10:15 p.m.
CVE-2024-31651
2024-04-1522:15:09
CWE-79
mitre
web.nvd.nist.gov
26
cve-2024-31651
cross-site scripting
online store
security vulnerability
crafted payload
first name parameter
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6
Confidence
High
EPSS
0
Percentile
9.0%
A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter.
Related
nvd
nvd
CVE-2024-31651
2024-04-15 22:15:09
vulnrichment
vulnrichment
CVE-2024-31651
2024-04-15 00:00:00
cvelist
cvelist
CVE-2024-31651
2024-04-15 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
6
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2024-31651