CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-6050

Improper Neutralization of Input During Web Page Generation vulnerability in SOKRATES-software SOWA OPAC allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects SOWA OPAC software in versions from 4.0 before 4.9.10, from 5.0 before 6.2.12.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.3%

CVSS Severity

CVSS v3 Score 6.1

References

https://cert.pl/en/posts/2024/07/CVE-2024-6050/
https://cert.pl/posts/2024/07/CVE-2024-6050/
https://cert.pl/en/posts/2024/07/CVE-2024-6050/
https://cert.pl/posts/2024/07/CVE-2024-6050/

Products affected by CVE-2024-6050

Sokrates » Sowa Opac » Version: Any

cpe:2.3:a:sokrates:sowa_opac:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-6050

Products

Pricing

Contact Us