CVE-2024-6892
Aug. 8, 2024, 1:04 p.m.
Tags
Product(s) Impacted
Journyx web application
Description
Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application.
Weaknesses
CWE-81
Improper Neutralization of Script in an Error Message Web Page
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special characters that could be interpreted as web-scripting elements when they are sent to an error page.
CWE ID: 81Date
Published: Aug. 8, 2024, 12:15 a.m.
Last Modified: Aug. 8, 2024, 1:04 p.m.
Status : Undergoing Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
bbf0bd87-ece2-41be-b873-96928ee8fab9