CVE-2024-28128
- Source
- https://cve.org/CVERecord?id=CVE-2024-28128
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-28128.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-28128
- Aliases
- Published
- 2024-03-18T07:31:34.749Z
- Modified
- 2026-05-28T03:55:23.248717481Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Cross-site scripting vulnerability exists in FitNesse releases prior to 20220319, which may allow a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product and accessing a link with a specially crafted certain parameter.
- Database specific
{ "cna_assigner": "jpcert", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/28xxx/CVE-2024-28128.json" }- References
-
- http://fitnesse.org/FitNesseDownload
- https://github.com/unclebob/fitnesse/blob/master/SECURITY.md
- https://jvn.jp/en/jp/JVN94521208/
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/28xxx/CVE-2024-28128.json
- https://nvd.nist.gov/vuln/detail/CVE-2024-28128
- https://github.com/unclebob/fitnesse
Affected packages
Git / github.com/unclebob/fitnesse
Affected ranges
- Type
- GIT
- Repo
- https://github.com/unclebob/fitnesse
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
Other
20090112
20090214
20090321
20090513
20090818
20091121
20100103
20110104
20130530
20131110
20140201
20150106
20150114
20150119
20150202
20150217
20150218
20150223
20150226
20150424
20150814
20151230
20160515
20160618
20161105
20161106
20171015
20171210
20171212
20180127
20181221
20181222
20181223
20181224
20190110
20190118
20190119
20190127
20190202
20190216
20190224
20190406
20190409
20190416
20190417
20190418
20190421
20190428
20190508
20190620
20190628
20190716
20191110
20191217
20191229
20200108
20200128
20200205
20200304
20200307
20200308
20200404
20200501
20201213
20210410
20210516
20210605
20210606
20211006
20211030
v20121009
v20130911
v20131001
v20131003
v20131015
v20131016
v20131119
v20140130
v20140203