Lucene search
+L

5 matches found

Circl
Circl
added 2024/11/05 6:26 p.m.18 views

CVE-2024-51380

creationtimestamp| type| source ---|---|--- 2024-11-05 18:26:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113431751243982953 2024-11-05 21:25:40+00:00| seen| https://t.me/cvedetector/9938...

8.4CVSS4.8AI score0.00467EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/05 12:0 a.m.17 views

CVE-2024-51380

Stored Cross-Site Scripting XSS vulnerability discovered in the Properties Component of JATOS v3.9.3. This flaw allows an attacker to inject malicious JavaScript into the properties section of a study, specifically within the UUID field. When an admin user accesses the study's properties, the...

0.00467EPSS
Exploits1References1
CVE
CVE
added 2024/11/05 12:0 a.m.63 views

CVE-2024-51380

CVE-2024-51380 is a stored XSS in JATOS v3.9.3 targeting the Properties Component, specifically the UUID field. When an admin opens a study’s properties, injected JavaScript can execute in the admin’s browser, potentially enabling account compromise and privilege escalation. The CVSSv3.1 base sco...

8.4CVSS5.4AI score0.00467EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/05 12:0 a.m.16 views

CVE-2024-51380

Stored Cross-Site Scripting XSS vulnerability discovered in the Properties Component of JATOS v3.9.3. This flaw allows an attacker to inject malicious JavaScript into the properties section of a study, specifically within the UUID field. When an admin user accesses the study's properties, the...

5.4AI score0.00467EPSS
Exploits1References1
OSV
OSV
added 2024/11/05 12:0 a.m.7 views

CVE-2024-51380

Stored Cross-Site Scripting XSS vulnerability discovered in the Properties Component of JATOS v3.9.3. This flaw allows an attacker to inject malicious JavaScript into the properties section of a study, specifically within the UUID field. When an admin user accesses the study's properties, the...

8.4CVSS5.5AI score0.00467EPSS
Exploits1References3
Rows per page
Query Builder