5 matches found
CVE-2024-51380
creationtimestamp| type| source ---|---|--- 2024-11-05 18:26:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113431751243982953 2024-11-05 21:25:40+00:00| seen| https://t.me/cvedetector/9938...
CVE-2024-51380
Stored Cross-Site Scripting XSS vulnerability discovered in the Properties Component of JATOS v3.9.3. This flaw allows an attacker to inject malicious JavaScript into the properties section of a study, specifically within the UUID field. When an admin user accesses the study's properties, the...
CVE-2024-51380
CVE-2024-51380 is a stored XSS in JATOS v3.9.3 targeting the Properties Component, specifically the UUID field. When an admin opens a study’s properties, injected JavaScript can execute in the admin’s browser, potentially enabling account compromise and privilege escalation. The CVSSv3.1 base sco...
CVE-2024-51380
Stored Cross-Site Scripting XSS vulnerability discovered in the Properties Component of JATOS v3.9.3. This flaw allows an attacker to inject malicious JavaScript into the properties section of a study, specifically within the UUID field. When an admin user accesses the study's properties, the...
CVE-2024-51380
Stored Cross-Site Scripting XSS vulnerability discovered in the Properties Component of JATOS v3.9.3. This flaw allows an attacker to inject malicious JavaScript into the properties section of a study, specifically within the UUID field. When an admin user accesses the study's properties, the...