Unrated severityNVD Advisory· Published Jul 1, 2024· Updated Aug 1, 2024

Reflected XSS in SOWA OPAC

CVE-2024-6050

Description

Improper Neutralization of Input During Web Page Generation vulnerability in SOKRATES-software SOWA OPAC allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects SOWA OPAC software in versions from 4.0 before 4.9.10, from 5.0 before 6.2.12.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Sokrates/SOWA OPACllm-create2 versions
>=4.0, <4.9.10; >=5.0, <6.2.12+ 1 more
- (no CPE)range: >=4.0, <4.9.10; >=5.0, <6.2.12
- (no CPE)range: 4.0

Patches

Vulnerability mechanics

References

cert.pl/en/posts/2024/07/CVE-2024-6050/mitrevendor-advisory
cert.pl/posts/2024/07/CVE-2024-6050/mitrevendor-advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000