Lucene search

[email protected]NVD:CVE-2024-23998

HistoryJul 05, 2024 - 4:15 p.m.

CVE-2024-23998

2024-07-0516:15:04

CWE-79

[email protected]

web.nvd.nist.gov

redis desktop manager

cross site scripting

vulnerability

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS

0.001

Percentile

37.6%

JSON

goanother Another Redis Desktop Manager =<1.6.1 is vulnerable to Cross Site Scripting (XSS) via src/components/Setting.vue.

Affected configurations

Nvd

Node

goanotheranother_redis_desktop_managerRange≤1.6.1

VendorProductVersionCPE
goanotheranother_redis_desktop_manager*cpe:2.3:a:goanother:another_redis_desktop_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
goanother	another_redis_desktop_manager	*	cpe:2.3:a:goanother:another_redis_desktop_manager::::::::

References

github.com/EQSTLab/PoC/tree/main/2024/LCE/CVE-2024-23998

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS

0.001

Percentile

37.6%

JSON

Related for NVD:CVE-2024-23998

vulnrichment1 cvelist1 cve1 osv1