CVE-2024-3776
CVSS V2 None
CVSS V3 None
Description
The parameter used in the login page of Netvision airPASS is not properly filtered for user input. An unauthenticated remote attacker can insert JavaScript code to the parameter for Reflected Cross-site scripting attacks.
Overview
- CVE ID
- CVE-2024-3776
- Assigner
- twcert
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-04-15T02:58:41.818Z
- Last Modified Date
- 2024-06-04T17:32:46.367Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.twcert.org.tw/tw/cp-132-7730-584e3-1.html | third-party-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-3776 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3776 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-23 23:45:24 | Added to TrackCVE |