Lucene search
HistorySep 07, 2024 - 5:15 p.m.
CVE-2024-42020
cross-site-scripting
reporter widgets
html injection
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
EPSS
0
Percentile
9.5%
A Cross-site-scripting (XSS) vulnerability exists in the Reporter Widgets that allows HTML injection.
References
Related
cve
cve
CVE-2024-42020
2024-09-07 17:15:14
cvelist
cvelist
CVE-2024-42020
2024-09-07 16:11:22
vulnrichment
vulnrichment
CVE-2024-42020
2024-09-07 16:11:22
veeam
veeam
Veeam Security Bulletin (September 2024)
2024-09-04 00:00:00
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
EPSS
0
Percentile
9.5%
Related for NVD:CVE-2024-42020