1 results (0.003 seconds)
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-4176
https://notcve.org/view.php?id=CVE-2024-4176
13 Jun 2024 — An Cross site scripting vulnerability in the EDR XConsole before this release allowed an attacker to potentially leverage an XSS/HTML-Injection using command line variables. A malicious threat actor could execute commands on the victim's browser for sending carefully crafted malicious links to the EDR XConsole end user. Una vulnerabilidad de cross-site scripting en EDR XConsole antes de esta versión permitía a un atacante aprovechar potencialmente una inyección XSS/HTML utilizando variables de línea de coma... • https://thrive.trellix.com/s/article/000013455 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •