Security Advisory

CVE-2024-22854

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-16 00:00:00

Last updated 2024-08-16 17:58:22

Assigner mitre

State PUBLISHED

Description

DOM-based HTML injection vulnerability in the main page of Darktrace Threat Visualizer version 6.1.27 (bundle version 61050) and before has been identified. A URL, crafted by a remote attacker and visited by an authenticated user, allows open redirect and potential credential stealing using an injected HTML form.

← Browse all CVEs View on cve.org ↗