CVE-2024-24571

{"id": "CVE-2024-24571", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}, {"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2024-01-31T23:15:08.110", "references": [{"url": "https://github.com/WillyXJ/facileManager/commit/0aa850d4b518f10143a4c675142b15caa5872877", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqj", "tags": ["Exploit", "Vendor Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-80"}]}], "descriptions": [{"lang": "en", "value": "facileManager is a modular suite of web apps built with the sysadmin in mind. For the facileManager web application versions 4.5.0 and earlier, we have found that XSS was present in almost all of the input fields as there is insufficient input validation."}, {"lang": "es", "value": "facileManager es un conjunto modular de aplicaciones web creadas pensando en el administrador del sistema. Para las versiones 4.5.0 y anteriores de la aplicaci\u00f3n web facileManager, descubrimos que XSS estaba presente en casi todos los campos de entrada porque no hab\u00eda suficiente validaci\u00f3n de entrada."}], "lastModified": "2024-02-07T17:25:31.677", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:facilemanager:facilemanager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0E110C6-3BD9-442C-9641-29531155410B", "versionEndExcluding": "4.5.1"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}