CVE-2024-7873 CRITICAL

CVE-2024-7873: Stored XSS in Veribilim Software's Veribase Order Management

Vendor Veribilim Software

Product Veribase Order

Weakness CWE-79 · XSS

Published September 17, 2024

Last update June 2, 2026

View on NVD All CVEs

CVSS base score

9.4/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

What the vulnerability does

01Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'), Improper Encoding or Escaping of Output, CWE - 83 Improper Neutralization of Script in Attributes in a Web Page vulnerability in Veribilim Software Veribase Order allows Stored XSS, Cross-Site Scripting (XSS), Exploit Script-Based APIs, XSS Through HTTP Headers. This issue affects Veribase Order: before v4.010.3.

Key dates

02Disclosure timeline

September 17, 2024 CVE published

June 2, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-7873

Related vulnerabilities

CVE-2024-7873: Stored XSS in Veribilim Software's Veribase Order Management

01Description

02Disclosure timeline

03References

04Related CVE