Lucene search
Veracode Vulnerability DatabaseVERACODE:48510HistoryAug 22, 2024 - 7:31 a.m.
Cross Site Scripting (XSS)
2024-08-2207:31:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
ckan
cross site scripting
xss
datatables
datastore
confidentiality
vulnerability
software
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
21.3%
ckan is vulnerable to Cross Site Scripting (XSS). The vulnerability is caused due to the Datatables view plugin did not properly escape record data coming from the DataStore. This can lead to compromising confidentiality of the system.
Related
github
github
CKAN has Cross-site Scripting vector in the Datatables view plugin
2024-08-21 18:26:29
osv
osv
CKAN has Cross-site Scripting vector in the Datatables view plugin
2024-08-21 18:26:29
CVE-2024-41675
2024-08-21 15:15:08
vulnrichment
vulnrichment
cvelist
cvelist
cve
cve
CVE-2024-41675
2024-08-21 15:15:08
nvd
nvd
CVE-2024-41675
2024-08-21 15:15:08
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
AI Score
6.5
Confidence
High
EPSS
0.001
Percentile
21.3%
Related for VERACODE:48510