CVE-2024-8521 Vulnerability Details

  /     /     /  

CVE-2024-8521 Metadata Quick Info

CVE Published: 07/09/2024 | CVE Updated: 09/09/2024 | CVE Year: 2024
Source: VulDB | Vendor: n/a | Product: Wavelog
Status : PUBLISHED

CVE-2024-8521 Description

A vulnerability, which was classified as problematic, was found in Wavelog up to 1.8.0. Affected is the function index of the file /qso of the component Live QSO. The manipulation of the argument manual leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.8.1 is able to address this issue. The patch is identified as b31002cec6b71ab5f738881806bb546430ec692e. It is recommended to upgrade the affected component.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-79
CWE Name: CWE-79 Cross Site Scripting
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).

Last added CVEs

▸ CVE-2024-9999 ◂
Discovered: 12/11/2024
Status: PUBLISHED
▸ CVE-2024-9997 ◂
Discovered: 29/10/2024
Status: PUBLISHED
▸ CVE-2024-9996 ◂
Discovered: 29/10/2024
Status: PUBLISHED



Tags:
CVE-2024-8521 Vulnerability Details