CVE-2024-49502
CVSS V2 None
CVSS V3 None
Description
A Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in the Setup Wizard, HTTP Proxy credentials pane in spacewalk-web allows attackers to attack users by providing specially crafted URLs to click.
This issue affects Container suse/manager/5.0/x86_64/server:5.0.2.7.8.1: before 5.0.15-150600.3.10.2; SUSE Manager Server Module 4.3: before 4.3.42-150400.3.52.1.
Overview
- CVE ID
- CVE-2024-49502
- Assigner
- suse
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-28T09:26:38.995Z
- Last Modified Date
- 2024-11-28T12:25:17.023Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-49502 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-49502 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-49502 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-11-29 13:10:24 | Added to TrackCVE |