← back
CVE-2024-52268

CVE-2024-52268

CVSS 4.8 MEDIUMEPSS 0.3%CWE-79
Cross-site scripting vulnerability exists in VK All in One Expansion Unit versions prior to 9.100.1.0. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the web site using the product.
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Affected products
Vektor,Inc. · VK All in One Expansion Unit

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://jvn.jp/en/jp/JVN05136799/https://vektor-inc.co.jp/en/update/regarding-vulnerabilities-in-vk-all-in-one-expansion-unit-version-9-100-0-and-earlier/