CVE-2024-22397

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-22397
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in the SonicOS SSLVPN portal allows a remote authenticated attacker as a firewall 'admin' user to store and execute arbitrary JavaScript code.
CVSS

No CVSS.

References
Link Resource
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0005
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0005
Configurations

No configuration.

History

21 Nov 2024, 08:56

Type Values Removed Values Added
Summary
  • (es) La neutralización inadecuada de la entrada durante la generación de la página web ("Cross-site Scripting") en el portal SonicOS SSLVPN permite a un atacante remoto autenticado como usuario "administrador" del firewall almacenar y ejecutar código JavaScript arbitrario.
References () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0005 - () https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0005 -

14 Mar 2024, 04:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-14 04:15

Updated : 2024-11-21 08:56

NVD link : CVE-2024-22397

Mitre link : CVE-2024-22397

CVE.ORG link : CVE-2024-22397

JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024