CVE-2024-11479

Published Dec 4, 2024

Last updated 3 months ago

CVSS medium 5.1

Overview

Description: A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. HTML markup could be added to comments of tickets, which when submitted will render in the emails sent to all users on that ticket.
Source: b7efe717-a805-47cf-8e9a-921fca0ce0ce
NVD status: Received

Risk scores

CVSS 4.0

Type: Secondary
Base score: 5.1
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: MEDIUM

Weaknesses

b7efe717-a805-47cf-8e9a-921fca0ce0ce: CWE-79

Hype score: Not currently trending

CVE-2024-11479 A HTML Injection vulnerability was identified in Issuetrak version 17.1 that could be triggered by an authenticated user. HTML markup could be added to comments of tickets, which when submitted will... https://t.co/F5TMWHIIXS
@VulmonFeeds
4 Dec 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References