CVE-2024-50414

MEDIUM Year: 2024
CVSS v3 Score
5.9
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in VirusTran Button contact VR allows Stored XSS.This issue affects Button contact VR: from n/a through 4.7.9.1.

Related Vulnerabilities

CVE-2018-6682

MEDIUM
CVSS:5.9(Medium)

Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site.

CWE-792018

CVE-2019-14415

MEDIUM
CVSS:5.9(Medium)

An issue was discovered in Veritas Resiliency Platform (VRP) before 3.4 HF1. A persistent cross-site scripting (XSS) vulnerability allows a malicious VRP user to inject malicious script into another u...

CWE-792019

CVE-2019-7000

MEDIUM
CVSS:5.9(Medium)

A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura Conferencing may allow code execution and potentially disclose sensitive information. Affected versions of Avaya Aura Conferencin...

CWE-792019

CVE-2020-13407

MEDIUM
CVSS:5.9(Medium)

Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or a...

CWE-792020

CVE-2020-13408

MEDIUM
CVSS:5.9(Medium)

Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or a...

CWE-792020

CVE-2020-13409

MEDIUM
CVSS:5.9(Medium)

Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or a...

CWE-792020