CVE-2024-9877

MEDIUM Year: 2024
CVSS v3 Score
4.3
Medium
Weakness Type
CWE-598
View all →

Vulnerability Description

: Use of GET Request Method With Sensitive Query Strings vulnerability in ABB ANC, ABB ANC-L, ABB ANC-mini.This issue affects ANC: through 1.1.4; ANC-L: through 1.1.4; ANC-mini: through 1.1.4.

Related Vulnerabilities

CVE-2025-26058

MEDIUM
CVSS:4.2(Medium)

Webkul QloApps v1.6.1 exposes authentication tokens in URLs during redirection. When users access the admin panel or other protected areas, the application appends sensitive authentication tokens dire...

CWE-5982025

CVE-2025-3943

MEDIUM
CVSS:4.1(Medium)

Use of GET Request Method With Sensitive Query Strings vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Parameter In...

CWE-5982025

CVE-2025-0730

MEDIUM
CVSS:3.7(Low)

A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. 40304. Affected is an unknown function of the file /usr_account_set.cgi of the component HTTP GE...

CWE-5982025

CVE-2025-2356

MEDIUM
CVSS:3.7(Low)

A vulnerability was found in BlackVue App 3.65 on Android. It has been classified as problematic. This affects the function deviceDelete of the component API Handler. The manipulation leads to use of ...

CWE-5982025

CVE-2021-21594

MEDIUM
CVSS:5.3(Medium)

Dell PowerScale OneFS versions 8.2.2 - 9.1.0.x contain a use of get request method with sensitive query strings vulnerability. It can lead to potential disclosure of sensitive data. Dell recommends up...

CWE-5982021

CVE-2023-25524

MEDIUM
CVSS:5.3(Medium)

NVIDIA Omniverse Workstation Launcher for Windows and Linux contains a vulnerability in the authentication flow, where a user’s access token is displayed in the browser user's address bar. An attacker...

CWE-5982023