A stored cross-site scripting (XSS) vulnerability in SeedDMS v6.0.28 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter in the Calendar page.
Metrics
Affected Vendors & Products
References
History
Mon, 07 Oct 2024 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Seeddms
Seeddms seeddms |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:seeddms:seeddms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Seeddms
Seeddms seeddms |
|
Metrics |
cvssV3_1
|
Fri, 04 Oct 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A stored cross-site scripting (XSS) vulnerability in SeedDMS v6.0.28 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter in the Calendar page. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-04T00:00:00
Updated: 2024-10-04T18:29:36.173Z
Reserved: 2024-09-11T00:00:00
Link: CVE-2024-46409
Vulnrichment
Updated: 2024-10-04T18:29:30.480Z
NVD
Status : Awaiting Analysis
Published: 2024-10-04T17:15:17.073
Modified: 2024-10-07T19:37:28.597
Link: CVE-2024-46409
Redhat
No data.