CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-37675

Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the parameter "sectionContent" related to the functionality of adding notes to an uploaded file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.8%

CVSS Severity

CVSS v3 Score 5.4

References

http://docubase.com
http://tessi.com
https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37675.md
http://docubase.com
http://tessi.com
https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37675.md

Products affected by CVE-2024-37675

Tessi » Docubase » Version: 5.0

cpe:2.3:a:tessi:docubase:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-37675

Products

Pricing

Contact Us