CVE-2024-52890
MEDIUMDescription
IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.03 could be susceptible to cross-site scripting due to no validation of URIs.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ibm | engineering_lifecycle_optimization |
| ibm | engineering_lifecycle_optimization |
References
Advisories & Patches
Frequently Asked Questions
What is CVE-2024-52890? +
How severe is CVE-2024-52890? +
What products are affected by CVE-2024-52890? +
How do I check if I'm vulnerable to CVE-2024-52890? +
Related Vulnerabilities
The MCP inspector is a developer tool for testing and debugging MCP servers. A cross-site scripting issue was reported in …
Collabora Online is a collaborative online office suite based on LibreOffice technology. In the mobile (Android/iOS) device variants of Collabora …
An issue in Tencent Technology (Beijing) Company Limited Tencent MicroVision iOS 8.137.0 allows attackers to access sensitive user information via …
An issue in Qianjin Network Information Technology (Shanghai) Co., Ltd 51Job iOS 14.22.0 allows attackers to access sensitive user information …
An issue in Shandong Provincial Big Data Center AiShanDong iOS 5.0.0 allows attackers to access sensitive user information via supplying …
An issue in Yibin Fengguan Network Technology Co., Ltd YuPao DirectHire iOS 8.8.0 allows attackers to access sensitive user information …