CVE-2024-7204
CVSS V2 None
CVSS V3 None
Description
Ai3 QbiBot does not properly filter user input, allowing unauthenticated remote attackers to insert JavaScript code into the chat box. Once the recipient views the message, they will be subject to a Stored XSS attack.
Overview
- CVE ID
- CVE-2024-7204
- Assigner
- twcert
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-08-02T10:31:38.785Z
- Last Modified Date
- 2024-08-02T10:31:38.785Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://www.twcert.org.tw/tw/cp-132-7969-7827e-1.html | vendor-advisory |
https://www.twcert.org.tw/en/cp-139-7975-3e810-2.html | vendor-advisory |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-7204 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7204 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-08-03 13:04:01 | Added to TrackCVE |