Lucene search
GoogleOSV:CVE-2024-28831HistoryJun 25, 2024 - 12:15 p.m.
CVE-2024-28831
2024-06-2512:15:00
Google
osv.dev
stored xss
checkmk
html injection
user input
security vulnerability
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
6.2
Confidence
High
Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows Checkmk users to execute arbitrary scripts by injecting HTML elements into some user input fields that are shown in a confirmation pop-up.
Related
ubuntucve
ubuntucve
CVE-2024-28831
2024-06-25 00:00:00
vulnrichment
vulnrichment
CVE-2024-28831 XSS in confirmation pop-up
2024-06-25 11:45:27
cvelist
cvelist
CVE-2024-28831 XSS in confirmation pop-up
2024-06-25 11:45:27
nvd
nvd
CVE-2024-28831
2024-06-25 12:15:09
cve
cve
CVE-2024-28831
2024-06-25 12:15:09
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
6.2
Confidence
High
Related for OSV:CVE-2024-28831