CVE-2024-41911

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
5.4MEDIUM
EPSS
0.8%
top 25.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
HP Poly Clariti ManagerHP Inc. Poly Clariti Manager
Timeline
PublishedAug 6

Description

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages2 packages

NVDhp/poly_clariti_manager< 10.12.0.2_100
CVEListV5hp_inc./poly_clariti_managerSee HP Security Bulletin reference for affected versions.

🔴Vulnerability Details

2
GHSA
GHSA-7xp8-p4r3-6rv8: A vulnerability was discovered in the firmware builds up to 102024-08-06
CVEList
CVE-2024-41911: A vulnerability was discovered in the firmware builds up to 102024-08-06
CVE-2024-41911 (MEDIUM CVSS 5.4) | A vulnerability was discovered in t | cvebase.io