CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-3790

Vulnerability in WBSAirback 21.02.04, which consists of a stored Cross-Site Scripting (XSS) through /admin/SystemUsers, login / description fields, passwd1/ passwd2 parameters. Exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 22.3%

CVSS Severity

CVSS v3 Score 4.8

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wbsairback-white-bear-solutions
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-wbsairback-white-bear-solutions

Products affected by CVE-2024-3790

Whitebearsolutions » Wbsairback » Version: 21.02.04

cpe:2.3:a:whitebearsolutions:wbsairback:21.02.04

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-3790

Products

Pricing

Contact Us