SecuriTricks - CVE-2024-6892

Product(s) Impacted

Journyx web application

Description

Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application.

Weaknesses

CWE-81

Improper Neutralization of Script in an Error Message Web Page

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters that could be interpreted as web-scripting elements when they are sent to an error page.

CWE ID: 81

Date

Published: Aug. 8, 2024, 12:15 a.m.

Last Modified: Aug. 8, 2024, 1:04 p.m.

Status : Undergoing Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

bbf0bd87-ece2-41be-b873-96928ee8fab9

CVE-2024-6892

Tags

Product(s) Impacted

Description

Weaknesses

CWE-81

Improper Neutralization of Script in an Error Message Web Page

Date

Status : Undergoing Analysis

Source

References

CVE-2024-6892

Tags

Product(s) Impacted

Description

Weaknesses

CWE-81

Improper Neutralization of Script in an Error Message Web Page

Date

Status : Undergoing Analysis

Source

References

Share