Lucene search
K

8 matches found

Nuclei
Nuclei
added 18 hours ago16 views

Journyx 11.5.4 - Reflected Cross Site Scripting

Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application. id: CVE-2024-6892 info: name: Journyx 11.5.4 - Reflected Cross Site Scripting author: DhiyaneshDk severity: medium description: | Attackers can craft a malicious...

6.1CVSS6.6AI score0.00713EPSS
Exploits2References3
OSV
OSV
added 2024/08/08 12:15 a.m.2 views

CVE-2024-6892

Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application...

6.1CVSS6AI score0.00713EPSS
Exploits2References2
Packet Storm
Packet Storm
added 2024/08/08 12:0 a.m.310 views

Journyx 11.5.4 Cross Site Scripting

KL-001-2024-009: Journyx Reflected Cross Site Scripting Title: Journyx Reflected Cross Site Scripting Advisory ID: KL-001-2024-009 Publication Date: 2024.08.07 Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-009.txt 1. Vulnerability Details Affected Vendor: Journyx Affecte...

7.1AI score0.00713EPSS
Exploits2
0day.today
0day.today
added 2024/08/08 12:0 a.m.238 views

Journyx 11.5.4 Cross Site Scripting Vulnerability

Journyx version 11.5.4 suffers from a cross site scripting vulnerability due to mishandling of the errordescription during an active directory login flow. Title: Journyx Reflected Cross Site Scripting Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2024-009.txt 1. Vulnerability...

6.1CVSS6.2AI score0.00713EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2024/08/07 11:19 p.m.14 views

CVE-2024-6892 Journyx Reflected Cross Site Scripting

Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application...

7.6AI score0.00713EPSS
Exploits2References1
CVE
CVE
added 2024/08/07 11:19 p.m.65 views

CVE-2024-6892

Summary of CVE-2024-6892 (Journyx Reflected XSS) Affected product: Journyx (jtime) version 11.5.4. Root cause: Reflected cross-site scripting caused by unsanitized/reflected error_description parameter in the active directory login flow, which can be set via the URL and reflected in the page resp...

6.1CVSS7AI score0.00713EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2024/08/07 11:19 p.m.34 views

CVE-2024-6892 Journyx Reflected Cross Site Scripting

Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application...

0.00713EPSS
Exploits2References1
KoreLogic Security
KoreLogic Security
added 2024/08/07 12:0 a.m.37 views

Journyx Reflected Cross Site Scripting

Vulnerability Details Affected Vendor: Journyx Affected Product: Journyx jtime Affected Version: 11.5.4 Platform: GNU/Linux CWE Classification: CWE-81: Improper Neutralization of Script in an Error Message Web Page CVE ID: CVE-2024-6892 2. Vulnerability Description Attackers can craft a...

6.1CVSS7.2AI score0.00713EPSS
Exploits2Affected Software1
Rows per page
Query Builder