CVE-2024-10923

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Nov 12, 2024

Updated: Nov 13, 2024

Summary

CVE-2024-10923 is an XSS (Cross-site Scripting) vulnerability identified in OpenText™ ALM Octane Management. Hackers can exploit this Stored XSS flaw to inject malicious scripts into web pages viewed by other users. The impact of this vulnerability is significant as it could potentially lead to remote code execution attacks. Affected versions of ALM Octane Management range from 16.2.100 to 24.4. All users are urged to upgrade to a patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/0RUnqK
https://www.cve.org/CVERecord?id=CVE-2024-10923
https://nvd.nist.gov/vuln/detail/CVE-2024-10923

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners

CVE-2024-10923

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations