An Cross site scripting vulnerability in the EDR XConsole before this release allowed an attacker to potentially leverage an XSS/HTML-Injection using command line variables. A malicious threat actor could execute commands on the victim's browser for sending carefully crafted malicious links to the EDR XConsole end user.
Advisories
Source ID Title
EUVD EUVD EUVD-2024-32735 An Cross site scripting vulnerability in the EDR XConsole before this release allowed an attacker to potentially leverage an XSS/HTML-Injection using command line variables. A malicious threat actor could execute commands on the victim's browser for sending carefully crafted malicious links to the EDR XConsole end user.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: trellix

Published:

Updated: 2024-08-01T20:33:52.528Z

Reserved: 2024-04-25T10:01:39.233Z

Link: CVE-2024-4176

cve-icon Vulnrichment

Updated: 2024-08-01T20:33:52.528Z

cve-icon NVD

Status : Modified

Published: 2024-06-13T09:15:14.217

Modified: 2024-11-21T09:42:20.253

Link: CVE-2024-4176

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.