ГлавнаяУязвимости → CVE-2024-26362
8.8высокая

CVE-2024-26362

Описание

HTML injection vulnerability in Enpass Password Manager Desktop Client 6.9.2 for Windows and Linux allows attackers to run arbitrary HTML code via creation of crafted note.

Затрагиваемое ПО
Enpass Password managerLinux Linux kernelMicrosoft Windows
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://packetstormsecurity.com/files/177075/Enpass-Desktop-Application-6.9.2-HTML-Injection.htmlhttps://packetstormsecurity.com/files/177075/Enpass-Desktop-Application-6.9.2-HTML-Injection.html