CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-22854

DOM-based HTML injection vulnerability in the main page of Darktrace Threat Visualizer version 6.1.27 (bundle version 61050) and before has been identified. A URL, crafted by a remote attacker and visited by an authenticated user, allows open redirect and potential credential stealing using an injected HTML form.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.0%

CVSS Severity

CVSS v3 Score 6.1

References

https://tomekwasiak.pl/cve-2024-22854/
https://tomekwasiak.pl/cve-2024-22854/

Products affected by CVE-2024-22854

Darktrace » Threat Visualizer » Version: N/A

cpe:2.3:a:darktrace:threat_visualizer:-
Darktrace » Threat Visualizer » Version: 6.1.27

cpe:2.3:a:darktrace:threat_visualizer:6.1.27

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-22854

Products

Pricing

Contact Us