Lucene search
MitreCVE-2024-43025HistorySep 18, 2024 - 8:15 p.m.
CVE-2024-43025
2024-09-1820:15:03
CWE-79
mitre
web.nvd.nist.gov
23
html injection
rws multitrans
phishing attack
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
7.2
Confidence
Low
EPSS
0
Percentile
16.4%
An HTML injection vulnerability in RWS MultiTrans v7.0.23324.2 and earlier allows attackers to alter the HTML-layout and possibly execute a phishing attack via a crafted payload injected into a sent e-mail.
Affected configurations
Node
rwsmultitransRange≤7.0.23324.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| rws | multitrans | * | cpe:2.3:a:rws:multitrans:*:*:*:*:*:*:*:* |
Related
vulnrichment
vulnrichment
CVE-2024-43025
2024-09-18 00:00:00
nvd
nvd
CVE-2024-43025
2024-09-18 20:15:03
cvelist
cvelist
CVE-2024-43025
2024-09-18 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
7.2
Confidence
Low
EPSS
0
Percentile
16.4%
Related for CVE-2024-43025