Lucene search
Ubuntu.comUB:CVE-2024-28831HistoryJun 25, 2024 - 12:00 a.m.
CVE-2024-28831
2024-06-2500:00:00
ubuntu.com
ubuntu.com
1
stored xss
checkmk
html injection
confirmation pop-up
arbitrary scripts
security vulnerability
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
6.6
Confidence
High
Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7
and 2.2.0p28 allows Checkmk users to execute arbitrary scripts by injecting
HTML elements into some user input fields that are shown in a confirmation
pop-up.
Related
vulnrichment
vulnrichment
CVE-2024-28831 XSS in confirmation pop-up
2024-06-25 11:45:27
nvd
nvd
CVE-2024-28831
2024-06-25 12:15:09
cve
cve
CVE-2024-28831
2024-06-25 12:15:09
cvelist
cvelist
CVE-2024-28831 XSS in confirmation pop-up
2024-06-25 11:45:27
osv
osv
CVE-2024-28831
2024-06-25 12:15:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
6.6
Confidence
High
Related for UB:CVE-2024-28831