CVE-2024-44088
Vulnerability Description
Malicious script injection ('Cross-site Scripting') vulnerability in Apache Geode web-api (REST). This vulnerability allows an attacker that tricks a logged-in user into clicking a specially-crafted link to execute code on the returned page, which could lead to theft of the user's session information and even account takeover.
This issue affects Apache Geode: all versions prior to 1.15.2
Users are recommended to upgrade to version 1.15.2, which fixes the issue.
This issue affects Apache Geode: all versions prior to 1.15.2
Users are recommended to upgrade to version 1.15.2, which fixes the issue.
Vulnerability Details
Published Date
Last Modified
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!