2 matches found
CVE-2024-0317 Cross-Site Scripting in FireEye EX
Cross-Site Scripting in FireEye EX, affecting version 9.0.3.936727. Exploitation of this vulnerability allows an attacker to send a specially crafted JavaScript payload via the 'type' and 'sfname' parameters to an authenticated user to retrieve their session details...
CVE-2024-0317
CVE-2024-0317 is an XSS vulnerability in FireEye EX 9.0.3.936727. The issue allows an attacker to send a crafted JavaScript payload via the parameters “type” and “s_f_name” to an authenticated user, enabling retrieval of the user’s session details. Supported by multiple sources in the provided do...