CVE-2024-42020
medium
Veeam CVSS v3 Base Score
5.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Confidentiality
Low
Integrity
Low
Availability
None
Published: September 7, 2024 (614 days ago)
Last Modified: October 27, 2024
Vendor: Veeam
Source: NVD
Vulnerability Report
Generated by CyberWatcher
Description
A Cross-site-scripting (XSS) vulnerability exists in the Reporter Widgets that allows HTML injection.