Lucene search

K

[email protected]CVE-2024-36656

HistoryJun 14, 2024 - 3:15 p.m.

CVE-2024-36656

2024-06-1415:15:50

[email protected]

web.nvd.nist.gov

23

minthcm

4.0.3

registered user

arbitrary javascript

xss attack

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

In MintHCM 4.0.3, a registered user can execute arbitrary JavaScript code and achieve a reflected Cross-site Scripting (XSS) attack.

References

github.com/minthcm/minthcm/issues/67

6.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

Related for CVE-2024-36656

vulnrichment1 cvelist1 nvd1