Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-49505

UNKNOWN
Published 2024-11-13T14:21:00.317Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-49505. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in openSUSE Tumbleweed MirrorCache allows the execution of arbitrary JS via reflected XSS in the  REGEX and P parameters.
This issue affects MirrorCache before 1.083.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

openSUSE

Tumbleweed

Affected Versions:

0
suse

opensuse_tumbleweed

Affected Versions:

0

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-r8pg-c8jf-gm8p

Advisory Details

A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in openSUSE Tumbleweed MirrorCache allows the execution of arbitrary JS via reflected XSS in the  REGEX and P parameters. This issue affects MirrorCache before 1.083.

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-49505
WEB https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49505

Advisory provided by GitHub Security Advisory Database. Published: November 13, 2024, Modified: November 14, 2024

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49505
Published: 2024-11-13T14:21:00.317Z
Last Modified: 2024-11-13T18:38:11.311Z
Copied to clipboard!