Lucene search

K
cvelistTR-CERTCVELIST:CVE-2024-7077
HistorySep 04, 2024 - 2:24 p.m.

CVE-2024-7077 Reflected XSS in Semtek Informatics Software's Semtek Sempos

2024-09-0414:24:40
CWE-79
TR-CERT
www.cve.org
3
cve-2024-7077
reflected xss
semtek informatics software
semtek sempos
web page generation
cross-site scripting
vulnerability
consulting inc.

CVSS4

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/SC:L/VI:L/SI:L/VA:N/SA:N

EPSS

0.001

Percentile

17.7%

Improper Neutralization of Input During Web Page Generation (β€˜Cross-site Scripting’) vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows Reflected XSS.This issue affects Semtek Sempos: through 31072024.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Semtek Sempos",
    "vendor": "Semtek Informatics Software Consulting Inc.",
    "versions": [
      {
        "lessThanOrEqual": "31072024",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

CVSS4

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

PASSIVE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/SC:L/VI:L/SI:L/VA:N/SA:N

EPSS

0.001

Percentile

17.7%

Related for CVELIST:CVE-2024-7077