Lucene search

K

[email protected]NVD:CVE-2024-24510

HistorySep 09, 2024 - 7:15 p.m.

CVE-2024-24510

2024-09-0919:15:13

[email protected]

web.nvd.nist.gov

2

cross site scripting

alinto sogo

remote attacker

arbitrary code

mail component

cve-2024-24510

EPSS

0

Percentile

9.5%

Cross Site Scripting vulnerability in Alinto SOGo before 5.10.0 allows a remote attacker to execute arbitrary code via the import function to the mail component.

References

book.hacktricks.xyz/pentesting-web/xs-search/css-injection

github.com/Alinto/sogo/commit/21468700718ed71774eaf2979ee59330fc569424

EPSS

0

Percentile

9.5%

Related for NVD:CVE-2024-24510

cvelist1 osv1 debiancve1 vulnrichment1 cve1