Vulnerability in Scriptcase version 9.4.019 that consists of a Cross-Site Scripting (XSS), due to the lack of input validation, affecting the “id_form_msg_title” parameter, among others. This vulnerability could allow a remote user to send a specially crafted URL to a victim and retrieve their credentials.
Metrics
Affected Vendors & Products
References
History
Tue, 24 Sep 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 24 Sep 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Vulnerability in Scriptcase version 9.4.019 that consists of a Cross-Site Scripting (XSS), due to the lack of input validation, affecting the “id_form_msg_title” parameter, among others. This vulnerability could allow a remote user to send a specially crafted URL to a victim and retrieve their credentials. | |
Title | Cross-site Scripting vulnerability on Scriptcase | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published: 2024-09-24T11:51:49.722Z
Updated: 2024-09-24T13:26:07.233Z
Reserved: 2024-09-17T09:43:48.913Z
Link: CVE-2024-8942
Vulnrichment
Updated: 2024-09-24T13:26:01.461Z
NVD
Status : Awaiting Analysis
Published: 2024-09-25T01:15:48.483
Modified: 2024-09-26T13:32:02.803
Link: CVE-2024-8942
Redhat
No data.