Description

JFrog Artifactory versions below 7.77.7, 7.82.1, are vulnerable to DOM-based cross-site scripting due to improper handling of the import override mechanism.

Remediation

References

CVE-2024-2247

Related Vulnerabilities

Sqlite Use After Free Vulnerability (CVE-2019-5018)

MediaWiki Other Vulnerability (CVE-2013-4567)

Apache HTTP Server Other Vulnerability (CVE-2003-0189)

Oracle Application Server CVE-2009-0974 Vulnerability (CVE-2009-0974)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-3092)

Severity

Medium

Classification

CVE-2024-2247 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities