An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user.
Metrics
Affected Vendors & Products
References
History
Wed, 13 Nov 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Veritas
Veritas data Insight |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:veritas:data_insight:*:*:*:*:*:*:*:* | |
Vendors & Products |
Veritas
Veritas data Insight |
Sun, 06 Oct 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user. | An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user. |
Fri, 04 Oct 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 04 Oct 2024 06:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user. | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-04T00:00:00
Updated: 2024-11-26T15:39:50.685Z
Reserved: 2024-10-04T00:00:00
Link: CVE-2024-47854
Vulnrichment
Updated: 2024-10-04T14:52:03.718Z
NVD
Status : Modified
Published: 2024-10-04T06:15:03.027
Modified: 2024-11-26T16:15:15.850
Link: CVE-2024-47854
Redhat
No data.