vulnrichment / Mitre / VULNRICHMENT:CVE-2024-26542
History: Feb 27, 2024 - 12:00 a.m.

CVE-2024-26542

2024-02-27 00:00:00
mitre
github.com
cross site scripting
bonitasoft
arbitrary code
groups display name field
security vulnerability

AI Score: 7.2 (Confidence: High)

SSVC

Exploitation: poc
Automatable: no
Technical Impact: total

Cross Site Scripting vulnerability in Bonitasoft, S.A v.7.14. and fixed in v.9.0.2, 8.0.3, 7.15.7, 7.14.8 allows attackers to execute arbitrary code via a crafted payload to the Groups Display name field.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:bonitasoft:bonita_web:*:*:*:*:*:*:*:*"
    ],
    "vendor": "bonitasoft",
    "product": "bonita_web",
    "versions": [
      {
        "status": "affected",
        "version": "7.14",
        "lessThan": "9.0.2",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "7.14",
        "lessThan": "8.0.3",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "7.14",
        "lessThan": "7.15.7",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "7.14",
        "lessThan": "7.14.8",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]
