F-logic DataCube3 Version 1.0 is affected by a reflected cross-site scripting (XSS) vulnerability due to improper input sanitization. An authenticated, remote attacker can execute arbitrary JavaScript code in the web management interface.
References
Configurations
No configuration.
History
21 Nov 2024, 09:01
Type | Values Removed | Values Added |
---|---|---|
References | () https://neroteam.com/blog/f-logic-datacube3-vulnerability-report - |
20 Aug 2024, 20:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
Summary |
|
29 Feb 2024, 01:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-02-29 01:44
Updated : 2024-11-21 09:01
NVD link : CVE-2024-25831
Mitre link : CVE-2024-25831
CVE.ORG link : CVE-2024-25831
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')