← back
CVE-2024-4174

Cross-Site Scripting (XSS) vulnerability in Hyperion Web Server

CVSS 5.4 MEDIUMEPSS 0.3%CWE-79
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.4EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
25 Apr 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Cross-Site Scripting (XSS) vulnerability in Hyperion Web Server affecting version 2.0.15. This vulnerability could allow an attacker to execute malicious Javascript code on the client by injecting that code into the URL.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N