CVE Vulnerabilities

CVE-2024-26454

Published: Mar 15, 2024 | Modified: Mar 15, 2024

CVSS 3.x

N/A

Source:

NVD

CVSS 2.x

RedHat/V2

RedHat/V3

Ubuntu

Additional information

NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-26454
CWE	https://cwe.mitre.org/data/definitions/.html

A Cross Site Scripting vulnerability in Healthcare-Chatbot through 9b7058a can occur via a crafted payload to the email1 or pwd1 parameter in login.php.

References

https://github.com/OmRajpurkar/Healthcare-Chatbot/issues/4
https://medium.com/%400x0d0x0a/healthcare-chatbot-xss-cve-2024-26454-acf2607bf210

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.