Lucene search
MitreCVE-2024-42678HistoryAug 15, 2024 - 2:15 p.m.
CVE-2024-42678
2024-08-1514:15:10
CWE-79
mitre
web.nvd.nist.gov
27
cross site scripting
arbitrary code execution
local attacker
webset component
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
17.7%
Cross Site Scripting vulnerability in Super easy enterprise management system v.1.0.0 and before allows a local attacker to execute arbitrary code via a crafted script to the /WebSet/DlgGridSet.html component.
Affected configurations
Node
cysoft168super_easy_enterprise_management_systemRange≤1.0.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cysoft168 | super_easy_enterprise_management_system | * | cpe:2.3:a:cysoft168:super_easy_enterprise_management_system:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2024-42678
2024-08-15 00:00:00
vulnrichment
vulnrichment
CVE-2024-42678
2024-08-15 00:00:00
nvd
nvd
CVE-2024-42678
2024-08-15 14:15:10
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AI Score
7
Confidence
High
EPSS
0.001
Percentile
17.7%
Related for CVE-2024-42678