CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-24397

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 79.1%

CVSS Severity

CVSS v3 Score 5.4

References

http://stimulsoft.com
https://cloud-trustit.spp.at/s/Pi78FFazHamJQ5R
https://cves.at/posts/cve-2024-24397/writeup/
http://stimulsoft.com
https://cloud-trustit.spp.at/s/Pi78FFazHamJQ5R
https://cves.at/posts/cve-2024-24397/writeup/

Products affected by CVE-2024-24397

Stimulsoft » Dashboards.js » Version: N/A

cpe:2.3:a:stimulsoft:dashboards.js:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-24397

Products

Pricing

Contact Us