CVE-2024-25155

CVSS V2 None CVSS V3 None
Description
In FileCatalyst Direct 3.8.8 and earlier through 3.8.6, the web server does not properly sanitize illegal characters in a URL which is then displayed on a subsequent error page. A malicious actor could craft a URL which would then execute arbitrary code within an HTML script tag. 
Overview
  • CVE ID
  • CVE-2024-25155
  • Assigner
  • Fortra
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-03-13T14:15:54.156Z
  • Last Modified Date
  • 2024-03-13T14:15:54.156Z
History
Created Old Value New Value Data Type Notes
2024-06-26 12:42:11 Added to TrackCVE