CVE-2024-4176 Information

Description

An Cross site scripting vulnerability in the EDR XConsole before this release allowed an attacker to potentially leverage an XSS/HTML-Injection using command line variables. A malicious threat actor could execute commands on the victim’s browser for sending carefully crafted malicious links to the EDR XConsole end user.

Reference

https://thrive.trellix.com/s/article/000013455