Vulnerability Details CVE-2024-2211
Cross-Site Scripting stored vulnerability in Gophish affecting version 0.12.1. This vulnerability could allow an attacker to store a malicious JavaScript payload in the campaign menu and trigger the payload when the campaign is removed from the menu.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.6%
CVSS Severity
CVSS v3 Score 4.6
References
Products affected by CVE-2024-2211
-
cpe:2.3:a:getgophish:gophish:0.12.1