Overview
- Description
- UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. This allows attackers to perform XSS via an SVG document, which can be used to steal cookies.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 5.4
- Impact score
- 2.7
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:L
- Severity
- MEDIUM
Weaknesses
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-79
Social media
- Hype score
- Not currently trending
CVE-2024-50637 Cross Site Scripting in UnoPim 0.1.3 User Creation Exploit In UnoPim version 0.1.3 and earlier, there's a Cross Site Scripting (XSS) vulnerability in the Create User feature. This flaw lets attacke... https://t.co/ZgVFXogNMs
@VulmonFeeds
6 Nov 2024
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-50637 UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. ¶¶ The vulnerability allows attackers to perform XSS in SVG file exten… https://t.co/trzv2BjaXr
@CVEnew
6 Nov 2024
566 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes