CVE-2024-2001 in Cockpitinformazioni

Riassunto

di MITRE • 29/02/2024

A Cross-Site Scripting vulnerability in Cockpit CMS affecting version 2.7.0. This vulnerability could allow an authenticated user to upload an infected PDF file and store a malicious JavaScript payload to be executed when the file is uploaded.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

29/02/2024

Divulgazione

29/02/2024

Moderazione

accettato

CPE

pronto

EPSS

0.00323

KEV

no

Attività

molto basso

Settore

Lawfirm, Agriculture, ...

Fonti

MITREhttps://www.cve.org/CVERecord?id=CVE-2024-2001
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2024-2001
CVE Detailshttps://www.cvedetails.com/cve/CVE-2024-2001/

PrecedenteVisione D'ensembleIl prossimo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!