CVE-2024-9103 | THREATINT

Description

Improper Neutralization of Script in Attributes in a Web Page vulnerability in Forcepoint Email Security (Blocked Messages module) allows Stored XSS. This issue affects Email Security through 8.5.5.

Reserved 2024-09-23 | Published 2025-03-24 | Updated 2025-03-24 | Assigner forcepoint

MEDIUM: 6.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Problem types

CWE-83: Improper Neutralization of Script in Attributes in a Web Page

Product status

Default status

unaffected

Any version

affected

Credits

Anis Messaoudi and CPA Bank finder

References

support.forcepoint.com/...Persistent-XSS-in-Blocked-Messages

cve.org (CVE-2024-9103)

nvd.nist.gov (CVE-2024-9103)

Download JSON