CVE-2024-41805

CVSS V2 None CVSS V3 None
Description
Tracks, a Getting Things Done (GTD) web application, is vulnerable to reflected cross-site scripting in versions prior to 2.7.1. Reflected cross-site scripting enables execution of malicious JavaScript in the context of a user’s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to credential theft. Tracks version 2.7.1 is patched. No known complete workarounds are available.
Overview
  • CVE ID
  • CVE-2024-41805
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-07-26T14:51:02.015Z
  • Last Modified Date
  • 2024-07-26T17:45:20.763Z
History
Created Old Value New Value Data Type Notes
2024-07-27 13:05:25 Added to TrackCVE