2 matches found
CVE-2024-22854
Darktrace Threat Visualizer contains a DOM-based HTML injection in the main page for versions 6.1.27 and earlier. A crafted URL visited by an authenticated user can trigger an open redirect and potential credential theft via an injected HTML form. Affected component: Darktrace Threat Visualizer m...
CVE-2023-29656
The CVE-2023-29656 entry describes an improper authorization vulnerability in the Darktrace Mobile App (Android) prior to version 6.0.15. Affected component: antigena actions (block/unblock traffic) exposed in the mobile app. Root cause: disabled or low-privilege users can control antigena action...