CVE-2024-25155
CVSS V2 None
CVSS V3 None
Description
In FileCatalyst Direct 3.8.8 and earlier through 3.8.6, the web server does not properly sanitize illegal characters in a URL which is then displayed on a subsequent error page. A malicious actor could craft a URL which would then execute arbitrary code within an HTML script tag.
Overview
- CVE ID
- CVE-2024-25155
- Assigner
- Fortra
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-03-13T14:15:54.156Z
- Last Modified Date
- 2024-03-13T14:15:54.156Z
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-25155 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25155 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-26 12:42:11 | Added to TrackCVE |