How severe is CVE-2024-47590?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2024-47590?

This is classified as CWE-791, which is a common weakness in software security.

CVE-2024-47590 - HIGH Severity | CVSS 8.8

Vulnerability Description

An unauthenticated attacker can create a malicious link which they can make publicly available. When an authenticated victim clicks on this malicious link, input data will be used by the web site page generation to create content which when executed in the victim's browser (XXS) or transmitted to another server (SSRF) gives the attacker the ability to execute arbitrary code on the server fully compromising confidentiality, integrity and availability.

Related Vulnerabilities

CVE-2022-2132

HIGH

CVSS:8.6(High)

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.

CWE-7912022

CVE-2024-39283

HIGH

CVSS:7.8(High)

Incomplete filtering of special elements in Intel(R) TDX module software before version TDX_1.5.01.00.592 may allow an authenticated user to potentially enable escalation of privilege via local access...

CWE-7912024

CVE-2023-31172

HIGH

CVSS:7.4(High)

An Incomplete Filtering of Special Elements vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be ...

CWE-7912023

CVE-2022-2132

HIGH

CVSS:8.6(High)

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.

CWE-7912022

CVE-2024-39283

HIGH

CVSS:7.8(High)

CWE-7912024

CVE-2023-31172

HIGH

CVSS:7.4(High)

CWE-7912023