Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-10033


A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to perform actions that impact users by using the "?next=" in a URL, which can lead to redirecting, injecting malicious script, stealing sessions and data.


Published

2024-10-16T17:15:13.267

Last Modified

2025-03-26T05:15:39.593

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses
  • Type: Primary
    CWE-79

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application redhat ansible_automation_platform 2.5 Yes
Application redhat ansible_developer 1.2 Yes
Application redhat ansible_inside 1.3 Yes
Operating System redhat enterprise_linux 8.0 No
Operating System redhat enterprise_linux 9.0 No

References