An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user.
History

Wed, 13 Nov 2024 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Veritas
Veritas data Insight
Weaknesses CWE-79
CPEs cpe:2.3:a:veritas:data_insight:*:*:*:*:*:*:*:*
Vendors & Products Veritas
Veritas data Insight

Sun, 06 Oct 2024 20:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user. An XSS vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user.

Fri, 04 Oct 2024 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 04 Oct 2024 06:00:00 +0000

Type Values Removed Values Added
Description A vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject an arbitrary web script into an HTTP request that could reflect back to an authenticated user without sanitization if executed by that user.
References
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AC:L/AV:N/A:N/C:L/I:L/PR:N/S:C/UI:R'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-10-04T00:00:00

Updated: 2024-11-26T15:39:50.685Z

Reserved: 2024-10-04T00:00:00

Link: CVE-2024-47854

cve-icon Vulnrichment

Updated: 2024-10-04T14:52:03.718Z

cve-icon NVD

Status : Modified

Published: 2024-10-04T06:15:03.027

Modified: 2024-11-26T16:15:15.850

Link: CVE-2024-47854

cve-icon Redhat

No data.