CVE-2024-47158

N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be directed to a malicious website.
References
Link Resource
https://jvn.jp/en/jp/JVN57285747/ Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:neumann:n-line:*:*:*:*:*:*:*:*

History

06 Nov 2024, 17:10

Type Values Removed Values Added
References () https://jvn.jp/en/jp/JVN57285747/ - () https://jvn.jp/en/jp/JVN57285747/ - Third Party Advisory
CPE cpe:2.3:a:neumann:n-line:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : 7.4
v2 : unknown
v3 : 5.4
First Time Neumann n-line
Neumann

25 Oct 2024, 12:56

Type Values Removed Values Added
Summary
  • (es) N-LINE 2.0.6 y las versiones anteriores contienen una vulnerabilidad de inyección de código. Si se aprovecha esta vulnerabilidad, se puede ejecutar código arbitrario en el navegador del instructor o se puede dirigir al instructor a un sitio web malicioso.

25 Oct 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-25 08:15

Updated : 2024-11-06 17:10


NVD link : CVE-2024-47158

Mitre link : CVE-2024-47158

CVE.ORG link : CVE-2024-47158


JSON object : View

Products Affected

neumann

  • n-line
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')