Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

References
History

Fri, 23 Aug 2024 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Microfocus
Microfocus acutoweb
Weaknesses CWE-79
CPEs cpe:2.3:a:microfocus:acutoweb:*:*:*:*:*:*:*:*
Vendors & Products Microfocus
Microfocus acutoweb
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}

ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 23 Aug 2024 17:30:00 +0000

Type Values Removed Values Added
Description Cross Site Scripting vulnerability in AcuToWeb server v.10.5.0.7577C8b allows a remote attacker to execute arbitrary code via the index.php component.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-23T18:55:18.809Z

Reserved: 2024-08-05T00:00:00

Link: CVE-2024-42852

cve-icon Vulnrichment

Updated: 2024-08-23T17:54:58.322Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-08-23T18:15:07.367

Modified: 2024-08-23T19:35:15.240

Link: CVE-2024-42852

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.