JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to version 3.10.0, attackers can exploit this vulnerability to construct malicious links, leading users to click on them, thereby facilitating phishing attacks or cross-site scripting attacks. Version 3.10.0 contains a patch for this issue. No known workarounds are available.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Dec 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Fit2cloud
Fit2cloud jumpserver |
|
CPEs | cpe:2.3:a:fit2cloud:jumpserver:*:*:*:*:*:*:*:* | |
Vendors & Products |
Fit2cloud
Fit2cloud jumpserver |
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-02-20T17:35:08.825Z
Updated: 2024-08-01T23:28:11.975Z
Reserved: 2024-01-29T20:51:26.011Z
Link: CVE-2024-24763
Vulnrichment
Updated: 2024-08-01T23:28:11.975Z
NVD
Status : Analyzed
Published: 2024-02-20T18:15:52.520
Modified: 2024-12-17T20:03:30.613
Link: CVE-2024-24763
Redhat
No data.