216.73.217.86

CVE-2024-7204

· Published 02/08/2024 11:16 · Modified 02/08/2024 12:59

Labels: CVE-2024-7204 2024-08-02CVE-2024-7204CWE-79[email protected]

Essential information

Published
02/08/2024 11:16
Modified
02/08/2024 12:59
Author
Creator
CVSS
6.1 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS metrics

Description

Ai3 QbiBot does not properly filter user input, allowing unauthenticated remote attackers to insert JavaScript code into the chat box. Once the recipient views the message, they will be subject to a Stored XSS attack.

NVD status

Status
Undergoing Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

References