exploitDog

CVE-2024-41504

Опубликовано: 10 июн. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Jetimob Plataforma Imobiliaria 20240627-0 is vulnerable to Cross Site Scripting (XSS). In the "Oportunidades" (opportunities) section of the application when creating or editing an "Atividade" (activity), the form field "Descrico" allows injection of JavaScript.

Ссылки

http://jetimob.com
Product
https://github.com/rafaelbaldasso/CVE-2024-41504
Exploit
Third Party Advisory
https://github.com/rafaelbaldasso/CVE-2024-41504
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:jetimob:imobiliaria:2024-06-27:*:*:*:*:*:*:*

EPSS

Процентиль: 10%

0.00035

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-57x8-g7cj-crwq

CVSS3: 6.1

github

8 месяцев назад

Jetimob Plataforma Imobiliaria 20240627-0 is vulnerable to Cross Site Scripting (XSS). In the "Oportunidades" (opportunities) section of the application when creating or editing an "Atividade" (activity), the form field "Descrico" allows injection of JavaScript.

EPSS

Процентиль: 10%

0.00035

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79