How severe is CVE-2024-46976?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2024-46976?

This is classified as CWE-693, which is a common weakness in software security.

CVE-2024-46976

MEDIUM Year: 2024

CVSS v3 Score

5.4

Medium

Weakness Type

CWE-693

View all →

Vulnerability Description

Backstage is an open framework for building developer portals. An attacker with control of the contents of the TechDocs storage buckets is able to inject executable scripts in the TechDocs content that will be executed in the victim's browser when browsing documentation or navigating to an attacker provided link. This has been fixed in the 1.10.13 release of the `@backstage/plugin-techdocs-backend` package. users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE-2019-13924

MEDIUM

CVSS:5.4(Medium)

A vulnerability has been identified in SCALANCE S602 (All versions < V4.1), SCALANCE S612 (All versions < V4.1), SCALANCE S623 (All versions < V4.1), SCALANCE S627-2M (All versions < V4.1), SCALANCE X...

CWE-6932019

CVE-2021-32729

MEDIUM

CVSS:5.4(Medium)

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A vulnerability exists in versions prior to 12.6.88, 12.10.4, and 13.0. The script service meth...

CWE-6932021

CVE-2024-20438

MEDIUM

CVSS:5.4(Medium)

A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists because of...

CWE-6932024