CVE-2024-47863

{"id": "CVE-2024-47863", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 1.7}]}, "published": "2024-11-22T20:15:09.060", "references": [{"url": "https://github.com/centreon/centreon/releases", "source": "[email protected]"}, {"url": "https://thewatch.centreon.com/latest-security-bulletins-64/cve-2024-47863-centreon-web-medium-severity-4059", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Centreon Web 24.10.x before 24.10.0, 24.04.x before 24.04.8, 23.10.x before 23.10.18, 23.04.x before 23.04.23, and 22.10.x before 22.10.26. A stored XSS was found in the user configuration contact name field. This form is only accessible to authenticated users with high-privilege access."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Centreon Web hasta la versi\u00f3n 24.10. Se encontr\u00f3 un XSS almacenado en el campo de nombre de contacto de configuraci\u00f3n de usuario. Solo los usuarios autenticados con acceso con privilegios elevados pueden acceder a este formulario."}], "lastModified": "2024-11-25T18:15:13.063", "sourceIdentifier": "[email protected]"}