Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-52762

A cross-site scripting (XSS) vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the "tz" parameter.

Published

2024-11-19T21:15:06.580

Last Modified

2024-11-29T21:00:39.843

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.4 (MEDIUM)

Weaknesses

Type: Primary
CWE-79
Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ganglia	ganglia-web	≤ 3.76	Yes

References

https://github.com/ganglia/ganglia-web/issues/382 Exploit, Issue Tracking ([email protected])