CVE-2024-12089 - CERT CVE
ID CVE-2024-12089
Sažetak A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
Reference
CVSS
Base: 8.7
Impact: 5.8
Exploitability:2.3
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Zadnje važnije ažuriranje 16-12-2024 - 15:15
Objavljeno 16-12-2024 - 15:15