Products
Veribilim Software Veribase Order
- before v4.010.3
Source
iletisim@usom.gov.tr
Tags
CVE-2024-7873 details
Published : Sept. 17, 2024, 1:15 p.m.
Last Modified : Sept. 17, 2024, 1:15 p.m.
Last Modified : Sept. 17, 2024, 1:15 p.m.
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'), Improper Encoding or Escaping of Output, CWE - 83 Improper Neutralization of Script in Attributes in a Web Page vulnerability in Veribilim Software Veribase Order allows Stored XSS, Cross-Site Scripting (XSS), Exploit Script-Based APIs, XSS Through HTTP Headers.This issue affects Veribase Order: before v4.010.3.
CVSS Score
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 |
|---|
Weakness
| Weakness | Name | Description |
|---|---|---|
| CWE-116 | Improper Encoding or Escaping of Output | The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. |
References
| URL | Source |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-24-1485 | iletisim@usom.gov.tr |
This website uses the NVD API, but is not approved or certified by it.