{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T08:37:28.353","vulnerabilities":[{"cve":{"id":"CVE-2024-10033","sourceIdentifier":"secalert@redhat.com","published":"2024-10-16T17:15:13.267","lastModified":"2025-03-26T05:15:39.593","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in aap-gateway. A Cross-site Scripting (XSS) vulnerability exists in the gateway component. This flaw allows a malicious user to perform actions that impact users by using the \"?next=\" in a URL, which can lead to redirecting, injecting malicious script, stealing sessions and data."},{"lang":"es","value":"Se encontró una vulnerabilidad en aap-gateway. Existe una vulnerabilidad de cross-site scripting (XSS) en el componente de puerta de enlace. Esta falla permite que un usuario malintencionado realice acciones que afectan a los usuarios mediante el uso del \"?next=\" en una URL, lo que puede provocar redireccionamientos, inyección de secuencias de comandos maliciosas, robo de sesiones y datos."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:ansible_automation_platform:2.5:*:*:*:*:*:*:*","matchCriteriaId":"BE3FEC89-D26D-4144-8298-4276390AE424"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:ansible_developer:1.2:*:*:*:*:*:*:*","matchCriteriaId":"EF19DE86-0524-4785-B606-F8E384FD23F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:ansible_inside:1.3:*:*:*:*:*:*:*","matchCriteriaId":"B2C9238C-11E7-42A2-A87B-3B82F1F6DA5B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2024:8534","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2024-10033","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2319162","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}}]}