← volver
CVE-2024-24571

facileManager Systemic Cross-Site Scripting (XSS)

CVSS 5.4 MEDIUMEPSS 0.4%CWE-80
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.4EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
31 ene 2024Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
facileManager is a modular suite of web apps built with the sysadmin in mind. For the facileManager web application versions 4.5.0 and earlier, we have found that XSS was present in almost all of the input fields as there is insufficient input validation.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Productos afectados
WillyXJ · facileManager

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/WillyXJ/facileManager/commit/0aa850d4b518f10143a4c675142b15caa5872877https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqj