CVE-2024-47486

MEDIUM

HikCentral Master Lite < 2.3.0 - Stored Cross-Site Scripting

Title source: llm
STIX 2.1

Description

There is an XSS vulnerability in some HikCentral Master Lite versions. If exploited, an attacker could inject scripts into certain pages by building malicious data.

Scores

CVSS v3 6.1
EPSS 0.0026
EPSS Percentile 17.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
hikvision/hikcentral_master < 2.3.0
Published Oct 18, 2024
Tracked Since Feb 18, 2026