CVE-2024-49378 - CERT CVE
ID CVE-2024-49378
Sažetak smartUp, a web browser mouse gestures extension, has a universal cross-site scripting issue in the Edge and Firefox versions of smartUp 7.2.622.1170. The vulnerability allows another extension to execute arbitrary code in the context of the user’s tab. As of time of publication, no known patches exist.
Reference
CVSS
Base: 6.1
Impact: 2.7
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE LOW LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:L
Zadnje važnije ažuriranje 28-10-2024 - 13:58
Objavljeno 25-10-2024 - 13:15