CVE-2024-9841Cross-site Scripting in Arcsight Management Center

CWE-79Cross-site Scripting3 documents3 sources
Severity
7.0HIGHNVD
EPSS
0.9%
top 24.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Opentext Arcsight Management CenterOpentext Arcsight PlatformMicrofocus Arcsight Management Center+1 more
Timeline
PublishedNov 8

Description

A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:L/SC:L/SI:L/SA:N

Affected Packages4 packages

CVEListV5opentext/arcsight_platform< 24.2.2

🔴Vulnerability Details

2
CVEList
OpenText ArcSight Management Center and ArcSight Platform Stored XSS2024-11-08
GHSA
GHSA-7r42-p46c-33g2: A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform2024-11-08
CVE-2024-9841 — Cross-site Scripting | cvebase