CVE-2024-25090

🗓️ 26 Jul 2024 09:09:15Reported by [email protected]Type

Insufficient input validation in Apache Roller allows authenticated users to perform XSS attac

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
CNVD	Apache Roller Cross-Site Scripting Vulnerability (CNVD-2024-35670)	30 Jul 202400:00	–	cnvd
Vulnrichment	CVE-2024-25090 Apache Roller: Insufficient input validation for some user profile and bookmark fields when Roller in untested-users mode	26 Jul 202408:36	–	vulnrichment
RedhatCVE	CVE-2024-25090	26 Jul 202410:01	–	redhatcve
Cvelist	CVE-2024-25090 Apache Roller: Insufficient input validation for some user profile and bookmark fields when Roller in untested-users mode	26 Jul 202408:36	–	cvelist
CVE	CVE-2024-25090	26 Jul 202409:15	–	cve
OSV	CVE-2024-25090	26 Jul 202409:15	–	osv

Nvd

Node

apache rollerRange5.0.0–6.1.3

Source	Link
lists	www.lists.apache.org/thread/lb50jqyxwf8jrfpydl6dc5zpqtpgrrwd
openwall	www.openwall.com/lists/oss-security/2024/07/25/2

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jul 2024 09:15Current

CVSS35.4

EPSS0.00213