Detections
Analytics
CVE-2024-49503
medium
Description
A Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SUSE manager allows attackers to execute Javascript code in the organization credentials sub page. This issue affects Container suse/manager/5.0/x86_64/server:5.0.2.7.8.1: before 5.0.15-150600.3.10.2; SUSE Manager Server Module 4.3: before 4.3.42-150400.3.52.1.
References
Details
Published: 2024-11-28
Updated: 2024-11-28
Risk Information
CVSS v2
Base Score: 4.7
Vector: CVSS2#AV:N/AC:L/Au:M/C:P/I:P/A:N
Severity: Medium
CVSS v3
Base Score: 3.5
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N
Severity: Low
CVSS v4
Base Score: 4.6
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Severity: Medium