Lucene search
TenableCVE-2024-7790HistoryAug 14, 2024 - 2:15 p.m.
CVE-2024-7790
2024-08-1414:15:28
CWE-79
tenable
web.nvd.nist.gov
24
cve-2024-7790
devikaai
cross site scripting
improperly decoded user input
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0
Percentile
14.7%
A stored cross site scripting vulnerabilities exists in DevikaAI from commitΒ 6acce21fb08c3d1123ef05df6a33912bf0ee77c2 onwards via improperly decoded user input.
Affected configurations
Node
stitionaidevikaRange2024-06-08β₯
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "DevikaAI",
"repo": "https://github.com/stitionai/devika",
"vendor": "Devikia",
"versions": [
{
"lessThanOrEqual": "current",
"status": "affected",
"version": "6acce21fb08c3d1123ef05df6a33912bf0ee77c2",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2024-7790
2024-08-14 14:15:28
vulnrichment
vulnrichment
CVE-2024-7790 DevikaAI Stored Cross-Site Scripting
2024-08-14 13:49:42
cvelist
cvelist
CVE-2024-7790 DevikaAI Stored Cross-Site Scripting
2024-08-14 13:49:42
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
EPSS
0
Percentile
14.7%
Related for CVE-2024-7790