CVE-2024-24763

Name of the Vulnerable Software and Affected Versions JumpServer versions prior to 3.10.0

Description The issue affects JumpServer, an open source bastion host and operation and maintenance security audit system. Attackers can exploit this to construct malicious links, leading users to click on them, thereby facilitating phishing attacks or cross-site scripting attacks.

Recommendations For versions prior to 3.10.0, update to version 3.10.0 to resolve the issue. As a temporary workaround, consider restricting user access to links from untrusted sources until the update is applied.