Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Bna Informatics PosPratik allows XSS Through HTTP Query Strings.This issue affects PosPratik: before v3.2.1.
History

Wed, 06 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Bna
Bna pospratik
Weaknesses CWE-79
CPEs cpe:2.3:a:bna:pospratik:*:*:*:*:*:*:*:*
Vendors & Products Bna
Bna pospratik
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


Mon, 04 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared Bnabilisim
Bnabilisim pospratik
CPEs cpe:2.3:a:bnabilisim:pospratik:*:*:*:*:*:*:*:*
Vendors & Products Bnabilisim
Bnabilisim pospratik
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 04 Nov 2024 13:00:00 +0000

Type Values Removed Values Added
Description Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Bna Informatics PosPratik allows XSS Through HTTP Query Strings.This issue affects PosPratik: before v3.2.1.
Title HTML Injection in Bna Informatics' PosPratik
Weaknesses CWE-80
References
Metrics cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: TR-CERT

Published: 2024-11-04T12:37:09.146Z

Updated: 2024-11-04T14:17:16.491Z

Reserved: 2024-09-24T12:44:48.977Z

Link: CVE-2024-9147

cve-icon Vulnrichment

Updated: 2024-11-04T14:16:55.846Z

cve-icon NVD

Status : Analyzed

Published: 2024-11-04T13:17:06.120

Modified: 2024-11-06T15:53:59.983

Link: CVE-2024-9147

cve-icon Redhat

No data.