VDB
CVE-2024-47530
CVE-2024-47530
PUBLISHED
CVSS 5.400000095367432 MEDIUM
Scout is a web-based visualizer for VCF-files. Open redirect vulnerability allows performing phishing attacks on users by redirecting them to malicious page. /login API endpoint is vulnerable to open redirect attack via next parameter due to absence of sanitization logic. Additionally, due to lack of scheme validation, HTTPS Downgrade Attack can be performed on the users. This vulnerability is fixed in 4.89.
EPSS 0.16% · 37.0th percentile
Risk Scores
CVSS 3.1
5.400000095367432
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
EPSS Score
0.16%
37.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Clinical-Genomics | scout | * |
| clinical-genomics | scout | 0 |
| clinical-genomics | scout | 0 |
Timeline
- Jan 21, 1970 Security Advisory
- Sep 30, 2024 CVE Published
- Sep 30, 2024 CVE Updated
- Oct 1, 2024 EPSS Score
- Oct 4, 2024 Coalition ESS Score
- Oct 20, 2024 EPSS Score
- Nov 8, 2024 EPSS Score
- Nov 15, 2024 Coalition ESS Score
- Nov 27, 2024 EPSS Score
- Dec 18, 2024 EPSS Score
- Jan 6, 2025 EPSS Score
- Jan 25, 2025 EPSS Score