VYPR
Unrated severityNVD Advisory· Published May 19, 2024· Updated Feb 13, 2025

CVE-2024-36076

CVE-2024-36076

Description

Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • SysReptor/Sysreptorcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: >=2024.28, <=2024.30

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.