Description

Mobile Security Framework (MobSF) is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The application allows users to upload files with scripts in the filename parameter. As a result, a malicious user can upload a script file to the system. When users in the application use the "Diff or Compare" functionality, they are affected by a Stored Cross-Site Scripting vulnerability. This vulnerability is fixed in 4.2.9.

INFO

Published Date :

2024-12-03T15:39:32.625Z

Last Modified :

2024-12-03T17:00:14.581Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-53999 vulnerability.

Vendors Products
Mobsf
  • Mobile Security Framework
Opensecurity
  • Mobile Security Framework
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-53999.

URL Resource
https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/27d165872847f5ae7417caf09f37edeeba741e1e cve-icon cve-icon
https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-5jc6-h9w7-jm3p cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact