CVE-2024-0318 Information

Description

Cross-Site Scripting in FireEye HXTool affecting version 4.6. This vulnerability allows an attacker to store a specially crafted JavaScript payload in the ‘Profile Name’ and ‘Hostname/IP’ parameters that will be triggered when items are loaded.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fireeye-products