mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
37 lines
1.4 KiB
JSON
37 lines
1.4 KiB
JSON
{
|
|
"id": "CVE-2024-28128",
|
|
"sourceIdentifier": "vultures@jpcert.or.jp",
|
|
"published": "2024-03-18T08:15:06.400",
|
|
"lastModified": "2024-03-18T12:38:25.490",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with a specially crafted certain parameter."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Existe una vulnerabilidad de cross-site scripting en las versiones de FitNesse anteriores a 20220319, lo que puede permitir que un atacante remoto no autenticado ejecute un script arbitrario en el navegador web del usuario que utiliza el producto y accede a un enlace con un determinado par\u00e1metro especialmente manipulado."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "http://fitnesse.org/FitNesseDownload",
|
|
"source": "vultures@jpcert.or.jp"
|
|
},
|
|
{
|
|
"url": "https://github.com/unclebob/fitnesse",
|
|
"source": "vultures@jpcert.or.jp"
|
|
},
|
|
{
|
|
"url": "https://github.com/unclebob/fitnesse/blob/master/SECURITY.md",
|
|
"source": "vultures@jpcert.or.jp"
|
|
},
|
|
{
|
|
"url": "https://jvn.jp/en/jp/JVN94521208/",
|
|
"source": "vultures@jpcert.or.jp"
|
|
}
|
|
]
|
|
} |