Reflected XSS Vulnerability in ADIF Log Search Widget
CVE-2024-49238
6.1MEDIUM
Key Information
- Vendor
- M. Konieczny, Dh9sb
- Status
- Adif Log Search Widget
- Vendor
- CVE Published:
- 18 October 2024
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in M. Konieczny, DH9SB ADIF Log Search Widget allows Reflected XSS.This issue affects ADIF Log Search Widget: from n/a through 1.0f.
Affected Version(s)
ADIF Log Search Widget <= 1.0f
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Le Ngoc Anh (Patchstack Alliance)