Lucene search

[email protected]NVD:CVE-2024-37514

HistoryJul 21, 2024 - 8:15 a.m.

CVE-2024-37514

2024-07-2108:15:04

CWE-79

[email protected]

web.nvd.nist.gov

cve-2024-37514

stored xss

copysafe web protection

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

Percentile

14.7%

JSON

Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in ArtistScope CopySafe Web Protection allows Stored XSS.This issue affects CopySafe Web Protection: from n/a through 3.14.

Affected configurations

Nvd

Node

artistscopecopysafe_web_protectionRange<3.15wordpress

VendorProductVersionCPE
artistscopecopysafe_web_protection*cpe:2.3:a:artistscope:copysafe_web_protection:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
artistscope	copysafe_web_protection	*	cpe:2.3:a:artistscope:copysafe_web_protection::::::wordpress::*

References

patchstack.com/database/vulnerability/wp-copysafe-web/wordpress-copysafe-web-protection-plugin-3-14-cross-site-scripting-xss-vulnerability?_s_id=cve