Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:52 a.m.6 views

CVE-2024-25976

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

6.1CVSS6.6AI score0.00604EPSS
Exploits1References1
NVD
NVD
added 2024/05/29 1:15 p.m.26 views

CVE-2024-25976

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

6.1CVSS6.4AI score0.00604EPSS
Exploits1References3
CVE
CVE
added 2024/05/29 12:22 p.m.83 views

CVE-2024-25976

The CVE-2024-25976 entry refers to HAWKI (HAWK Digital Environments)—a university teaching interface. When LDAP authentication is enabled, the application reflects the value of $_SERVER['PHP_SELF'] in login.php, enabling reflected XSS that allows arbitrary JavaScript execution in the victim’s bro...

6.1CVSS6.5AI score0.00604EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/05/29 12:22 p.m.32 views

CVE-2024-25976 Reflected Cross-Site-Scripting (XSS)

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

6.4AI score0.00604EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/05/29 12:22 p.m.13 views

CVE-2024-25976 Reflected Cross-Site-Scripting (XSS)

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

6.6AI score0.00604EPSS
Exploits1References3
OSV
OSV
added 2024/05/29 12:22 p.m.21 views

CVE-2024-25976 Reflected Cross-Site-Scripting (XSS)

When LDAP authentication is activated in the configuration it is possible to obtain reflected XSS execution by creating a custom URL that the victim only needs to open in order to execute arbitrary JavaScript code in the victim's browser. This is due to a fault in the file login.php where the...

6.1CVSS6.3AI score0.00604EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2024/05/28 12:0 a.m.376 views

HAWKI 1.0.0-beta.1 XSS / File Overwrite / Session Fixation

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: HAWKI Interaction Design Team at the University of Applied Sciences and Arts in Hildesheim/Germany vulnerable version: 1.0.0-beta.1,...

7.4AI score0.00604EPSS
Exploits1
Rows per page
Query Builder