NVD disclosure day

Published threat advisories for September 19, 2024

CVE advisoryKnown Exploit

CVE-2024-8963

Ivanti CSA Path Traversal Vulnerability

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A path traversal vulnerability in Ivanti CSA allows unauthenticated attackers to access restricted functions. This exposes organizations to unauthorized access and potential disruption of business operations. Organizations should prioritize addressing this vulnerability to mitigate business risk.

NVD published: • CISA KEV
CVE advisoryCRITICAL

CVE-2024-7785

Electronic Ticket System: Cross-Site Scripting Vulnerability

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A cross-site scripting vulnerability exists in an electronic ticket system that affects its ability to handle user input, potentially allowing attackers to execute malicious scripts in user browsers. This could lead to unauthorized access to sensitive data and impact business operations. Organizations using the affecte

NVD published: