PT-2024-29548 · Unknown · Hyperion Web Server

Raúl Fuentes Ferrer

Published

2024-04-25

Updated

2024-04-25

CVE-2024-4174

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Hyperion Web Server version 2.0.15

Description The issue is a Cross-Site Scripting (XSS) vulnerability that could allow an attacker to execute malicious Javascript code on the client by injecting that code into the URL.

Recommendations For Hyperion Web Server version 2.0.15, update to a version that includes a fix for this issue, as no specific workaround is provided for this version.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2024-4174

Affected Products

Hyperion Web Server

PT-2024-29548 · Unknown · Hyperion Web Server

CVE-2024-4174

Weakness Enumeration

Related Identifiers

Affected Products

References · 3