Lucene search
Ubuntu.comUB:CVE-2024-28832HistoryJun 25, 2024 - 12:00 a.m.
CVE-2024-28832
2024-06-2500:00:00
ubuntu.com
ubuntu.com
2
stored xss
checkmk
arbitrary script
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
6.5
Confidence
High
Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7,
2.2.0p28, 2.1.0p45, and 2.0.0 (EOL) allows users with permission to change
Global Settings to execute arbitrary scripts by injecting HTML elements
into the Crash Report URL in the Global Settings.
Related
cvelist
cvelist
CVE-2024-28832 XSS in Crash Report Page
2024-06-25 11:45:33
vulnrichment
vulnrichment
CVE-2024-28832 XSS in Crash Report Page
2024-06-25 11:45:33
cve
cve
CVE-2024-28832
2024-06-25 12:15:09
osv
osv
CVE-2024-28832
2024-06-25 12:15:00
nvd
nvd
CVE-2024-28832
2024-06-25 12:15:09
CVSS3
4.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
AI Score
6.5
Confidence
High
Related for UB:CVE-2024-28832