exploitDog

CVE-2024-24571

Опубликовано: 31 янв. 2024

Источник: nvd

CVSS3: 5.4

CVSS3: 5.4

EPSS Низкий

Описание

facileManager is a modular suite of web apps built with the sysadmin in mind. For the facileManager web application versions 4.5.0 and earlier, we have found that XSS was present in almost all of the input fields as there is insufficient input validation.

Ссылки

https://github.com/WillyXJ/facileManager/commit/0aa850d4b518f10143a4c675142b15caa5872877
Patch
https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqj
Exploit
Vendor Advisory
https://github.com/WillyXJ/facileManager/commit/0aa850d4b518f10143a4c675142b15caa5872877
Patch
https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqj
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:facilemanager:facilemanager:*:*:*:*:*:*:*:*

Версия до 4.5.1 (исключая)

EPSS

Процентиль: 58%

0.00362

Низкий

5.4 Medium

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-80

EPSS

Процентиль: 58%

0.00362

Низкий

5.4 Medium

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-80