Home > Vulnerability Database > CVE-2024-4174

Mend.io Vulnerability Database

CVE-2024-4174

Date: April 25, 2024

Cross-Site Scripting (XSS) vulnerability in Hyperion Web Server affecting version 2.0.15. This vulnerability could allow an attacker to execute malicious Javascript code on the client by injecting that code into the URL.

Language: C++

Severity Score

5.4

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-4174

Url: https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-hyperion-web-server

Url: https://www.mend.io/vulnerability-database/CVE-2024-4174

Severity Score

5.4

Weakness Type (CWE)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-79

CVSS v3.1

Base Score:	5.4
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-4174

Date: April 25, 2024

Language: C++

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?