Home

Description

Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list.

PUBLISHED Reserved 2024-11-17 | Published 2025-04-27 | Updated 2025-04-28 | Assigner checkpoint




LOW: 3.5CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Problem types

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

Product status

Check Point Mobile Access versions R81.10, R81.20, R82
affected

References

support.checkpoint.com/results/sk/sk183054

cve.org (CVE-2024-52887)

nvd.nist.gov (CVE-2024-52887)

Download JSON