Vulnerabilities

CVE-2024-11021

by Fred · 11/11/2024

Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Remote attackers with regular privileges can inject arbitrary JavaScript code into the server. When users visit the compromised page, the code is automatically executed in their browser.

More information : https://www.twcert.org.tw/tw/cp-132-8219-f12d0-1.html

Attack vector : NETWORK
Attack complexity : LOW
Privileges required : LOW
User interaction : REQUIRED
Confidentiality impact : LOW
Integrity impact : LOW
Base score : 5.4
Base severity : MEDIUM
Exploitability score : 2.3
Impact score : 2.7

Similar

Tags: Cybersecurity Alert