exploitDog

CVE-2024-43024

Опубликовано: 18 сент. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Multiple stored cross-site scripting (XSS) vulnerabilities in RWS MultiTrans v7.0.23324.2 and earlier allow attackers to execute arbitrary web scripts or HTML via a crafted payload.

Ссылки

https://community.rws.com/product-groups/translation_management/multitrans/w/releases/5112/multitrans-7-releases
Release Notes
https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2024-43024
Third Party Advisory
https://github.com/tomdantuma/CVE/tree/main/2024-43024
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rws:multitrans:*:*:*:*:*:*:*:*

Версия до 7.0.23324.2 (включая)

EPSS

Процентиль: 57%

0.00346

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-2wh6-wp88-phq8

CVSS3: 6.1

github

больше 1 года назад

Multiple stored cross-site scripting (XSS) vulnerabilities in RWS MultiTrans v7.0.23324.2 and earlier allow attackers to execute arbitrary web scripts or HTML via a crafted payload.

EPSS

Процентиль: 57%

0.00346

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79