Lucene search
Redhat.comRH:CVE-2024-28175HistoryMar 13, 2024 - 9:23 p.m.
CVE-2024-28175
2024-03-1321:23:18
redhat.com
access.redhat.com
36
cve-2024-28175
argo cd
remote attack
cross-site scripting
privilege escalation
CVSS3
9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
AI Score
6
Confidence
High
EPSS
0
Percentile
9.0%
A flaw was found in Argo CD. Due to improper filtering of URL protocols in the application summary component, a remote attacker can execute a cross-site scripting (XSS) attack with privileges to edit the application.
Related
vulnrichment
vulnrichment
prion
prion
Cross site scripting
2024-03-13 21:16:00
osv
osv
BIT-argo-cd-2024-28175
2024-03-15 07:17:23
CGA-qj3m-gwcg-f889
2024-06-06 12:26:18
CGA-x9m9-xv6w-8f27
2024-06-06 12:29:57
cve
cve
CVE-2024-28175
2024-03-13 21:16:00
github
github
Cross-site scripting on application summary component
2024-03-15 19:46:21
cgr
cgr
CVE-2024-28175 vulnerabilities
2024-05-19 03:07:16
veracode
veracode
Cross-site Scripting (XSS)
2024-03-15 06:11:12
nvd
nvd
CVE-2024-28175
2024-03-13 21:16:00
cvelist
cvelist
redhat
redhat
CVSS3
9
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
AI Score
6
Confidence
High
EPSS
0
Percentile
9.0%
Related for RH:CVE-2024-28175