Lucene search
HistoryAug 28, 2024 - 12:15 p.m.
CVE-2024-6450
hyperview
geoportal toolkit
xss
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
17.7%
HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting (XSS). An unauthenticated attacker might trick somebody into using a crafted URL, which will cause a script to be run in user’s browser.
Affected configurations
Node
hyperviewgeoportal_toolkitRange<8.5.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| hyperview | geoportal_toolkit | * | cpe:2.3:a:hyperview:geoportal_toolkit:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2024-6450
2024-08-28 12:15:06
cvelist
cvelist
CVE-2024-6450 Reflected XSS in HyperView Geoportal Toolkit
2024-08-28 11:50:20
vulnrichment
vulnrichment
CVE-2024-6450 Reflected XSS in HyperView Geoportal Toolkit
2024-08-28 11:50:20
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
17.7%
Related for NVD:CVE-2024-6450