CVE-2024-55541

Published Jan 2, 2025

Last updated 2 months ago

CVSS low 3.1

Overview

Description
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169.
Source
security@acronis.com
NVD status
Received

Risk scores

CVSS 3.0

Type
Secondary
Base score
3.1
Impact score
1.4
Exploitability score
1.6
Vector string
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
Severity
LOW

Weaknesses

security@acronis.com
CWE-79

Social media

Hype score
Not currently trending

  1. CVE-2024-55541 Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux,… https://t.co/q0FQD0PF9j

    @CVEnew

    3 Jan 2025

    356 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References