CVE-2024-26362
CVE-2024-26362
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.8EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
10 Apr 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
HTML injection vulnerability in Enpass Password Manager Desktop Client 6.9.2 for Windows and Linux allows attackers to run arbitrary HTML code via creation of crafted note.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/a