Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-28128

Published: 18/03/2024 Updated: 18/03/2024

Vulnerability Summary

Cross-site scripting vulnerability exists in FitNesse releases before 20220319, which may allow a remote unauthenticated malicious user to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with a specially crafted certain parameter.

References

https://github.com/unclebob/fitnessehttp://fitnesse.org/FitNesseDownloadhttps://github.com/unclebob/fitnesse/blob/master/SECURITY.mdhttps://jvn.jp/en/jp/JVN94521208/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook