PT-2024-25461 · Unknown · Mvnrepository Ms Basic+1
Fr1Ezy
·
Published
2024-05-07
·
Updated
2024-07-03
·
CVE-2024-33748
CVSS v3.1
4.1
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
MvnRepository MS Basic versions 2.1.18.3 and earlier
Maven net.mingsoft MS Basic versions 2.1.13.4 and earlier
Description
The issue is related to a cross-site scripting (XSS) vulnerability in the search function. This type of vulnerability allows attackers to inject malicious scripts into websites, potentially leading to unauthorized access or control of user sessions.
Recommendations
For MvnRepository MS Basic versions 2.1.18.3 and earlier, consider disabling the search function until a patch is available.
For Maven net.mingsoft MS Basic versions 2.1.13.4 and earlier, restrict access to the search functionality to minimize the risk of exploitation.
As a temporary workaround, avoid using the search function in affected versions of both products until the issue is resolved.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Maven Net.Mingsoft Ms Basic
Mvnrepository Ms Basic