Lucene search
K

4 matches found

NVD
NVD
added 2024/12/12 1:15 p.m.25 views

CVE-2024-28142

Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "File Name" page /cgi/uset.cgi?-cfilename in the User Settings menu improperly filters the "file name" and wildcard character input field. By...

4.7CVSS0.00452EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/12 12:35 p.m.15 views

CVE-2024-28142 Stored cross site scripting

Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "File Name" page /cgi/uset.cgi?-cfilename in the User Settings menu improperly filters the "file name" and wildcard character input field. By...

7AI score0.00452EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/12 12:35 p.m.33 views

CVE-2024-28142 Stored cross site scripting

Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "File Name" page /cgi/uset.cgi?-cfilename in the User Settings menu improperly filters the "file name" and wildcard character input field. By...

0.00452EPSS
Exploits0References2
CVE
CVE
added 2024/12/12 12:35 p.m.55 views

CVE-2024-28142

The CVE-2024-28142 entry describes stored cross-site scripting via improper input sanitization on the Image Access Scan2Net (and related lines) File Name input on the User Settings page (/cgi/uset.cgi?-cfilename). The root cause is inadequate filtering of the file name and wildcard character inpu...

4.7CVSS6.7AI score0.00452EPSS
Exploits0References3
Rows per page
Query Builder