Lucene search

CVE-2024-3793

🗓️ 14 May 2024 15:19:42Reported by INCIBEType

cve🔗 web.nvd.nist.gov👁 15 Views🌐 WEB

Vulnerability in WBSAirback 21.02.04, using stored Cross-Site Scripting (XSS) to steal session data

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 4
Cvelist	CVE-2024-3793 Cross-site Scripting vulnerability in WBSAirback	15 Apr 202414:13	–	cvelist
NVD	CVE-2024-3793	14 May 202415:42	–	nvd
Vulnrichment	CVE-2024-3793 Cross-site Scripting vulnerability in WBSAirback	15 Apr 202414:13	–	vulnrichment
CNVD	WBSAirback cross-site scripting vulnerability (CNVD-2024-27120)	25 May 202400:00	–	cnvd

Nvd

Vulners

Node

whitebearsolutions wbsairbackMatch21.02.04

[
  {
    "defaultStatus": "unaffected",
    "product": "White Bear Solutions",
    "vendor": "WBSAirback",
    "versions": [
      {
        "status": "affected",
        "version": "21.02.04"
      }
    ]
  }
]

Source	Link
incibe	www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wbsairback-white-bear-solutions

Parameter	Position	Path	Description	CWE
account name	request body	/admin/CloudAccounts	Stored Cross-Site Scripting (XSS) vulnerability allowing remote users to steal session data.	CWE-79
user password	request body	/admin/CloudAccounts	Stored Cross-Site Scripting (XSS) vulnerability allowing remote users to steal session data.	CWE-79
server	request body	/admin/CloudAccounts	Stored Cross-Site Scripting (XSS) vulnerability allowing remote users to steal session data.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 May 2024 15:42Current

6Medium risk

Vulners AI Score6

CVSS34.8

EPSS0.00061

SSVC

CWE-79