CVE-2024-9030

20 Sep 2024

Jose Alexis Correa Valencia
0 Comentarios

Título es

CVE-2024-9030

Vie, 20/09/2024 – 12:15

Tipo

CWE-79

Gravedad v2.0

4.00

Gravedad 2.0 Txt

MEDIUM

Título en

CVE-2024-9030

Descripción en

A vulnerability classified as problematic was found in CodeCanyon CRMGo SaaS 7.2. This vulnerability affects unknown code of the file /deal/{note_id}/note. The manipulation of the argument notes leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

20/09/2024

Vector CVSS:3.1

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Vector CVSS:2.0

AV:N/AC:L/Au:S/C:N/I:P/A:N

Gravedad 3.1 (CVSS 3.1 Base Score)

3.50

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

LOW

Referencias

https://bytium.com/stored-xss-vulnerabilities-in-crmgo-sass-version-7-2/

https://vuldb.com/?ctiid_278200=

https://vuldb.com/?id_278200=

Enviar en el boletín

Off

CVE-2024-9030

CVE-2024-9030

Jose Alexis Correa Valencia