CVE-2024-26018
CVE-2024-26018
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.1EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
26 Mar 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Cross-site scripting vulnerability exists in TvRock 0.9t8a. An arbitrary script may be executed on the web browser of the user accessing the website that uses the product. Note that the developer was unreachable, therefore, users should consider stop using TvRock 0.9t8a.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected products
TvRock · TvRockReferences
https://jvn.jp/en/jp/JVN69107517/