CVE-2024-41910

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.8%
top 25.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP Poly Clariti ManagerHP Inc. Poly Clariti Manager
Timeline
PublishedAug 6

Description

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

NVDhp/poly_clariti_manager< 10.12.0.2_100
CVEListV5hp_inc./poly_clariti_managerSee HP Security Bulletin reference for affected versions.

🔴Vulnerability Details

2
GHSA
GHSA-hjw6-cjgv-379x: A vulnerability was discovered in the firmware builds up to 102024-08-06
CVEList
CVE-2024-41910: A vulnerability was discovered in the firmware builds up to 102024-08-06
CVE-2024-41910 (MEDIUM CVSS 6.1) | A vulnerability was discovered in t | cvebase.io