CVE-2024-41810

Scores

EPSS

0.678medium67.8%

0%20%40%60%80%100%

Percentile: 67.8%

CVSS

4.2medium3.x

0246810

CVSS Score: 4.2/10

All CVSS Scores

CVSS 3.x

4.2

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

Description

Twisted is an event-based framework for internet applications, supporting Python 3.6+. The twisted.web.util.redirectTo function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body. This vulnerability is fixed in 24.7.0rc1.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

anchore_overridesastradebiannvdredhatubuntu

CWEs

CWE-79

Related Vulnerabilities

BDU:2025-04172

Vulnerable Software (11)

Type: Configuration

Operating System:

Trait:

{  "children": [    {      "cpe_match": [        {          "cpe23uri": "cpe:2.3:a:twisted:twisted:*:*:*:*:*:python:*:*",          "versionEndExcluding": "24.7.0rc1"        }      ],      "ne...

{  "children": [    {      "cpe_match": [        {          "cpe23uri": "cpe:2.3:a:twisted:twisted:*:*:*:*:*:python:*:*",          "versionEndExcluding": "24.7.0rc1"        }      ],      "negate": false,      "operator": "OR"    },    {      "cpe_match": [        {          "cpe23uri": "cpe:2.3:a:twistedmatrix:twisted:*:*:*:*:*:python:*:*",          "versionEndExcluding": "24.7.0rc1"        }      ],      "negate": false,      "operator": "OR"    }  ],  "operator": "OR"}

Source: anchore_overrides

Type: Configuration

Product: automation-controller

Operating System: rhel

Trait:

{  "fixed": "4.5.12-1.el8ap"}

Source: redhat

Type: Configuration

Product: automation-controller

Operating System: rhel

Trait:

{  "fixed": "4.5.12-1.el9ap"}

Source: redhat

Type: Configuration

Product: twisted

Operating System: ubuntu focal 20.04

Trait:

{  "fixed": "18.9.0-11ubuntu0.20.04.4"}

Source: ubuntu

Type: Configuration

Product: twisted

Operating System: ubuntu jammy 22.04

Trait:

{  "fixed": "22.1.0-2ubuntu2.5"}

Source: ubuntu

Type: Configuration

Product: twisted

Operating System: ubuntu noble 24.04

Trait:

{  "fixed": "24.3.0-1ubuntu0.1"}

Source: ubuntu

Type: Configuration

Product: twisted

Operating System: ubuntu oracular 24.10

Trait:

{  "unaffected": true}

Source: ubuntu

Type: Configuration

Product: twisted

Operating System: debian

Trait:

{  "fixed": "24.7.0-1"}

Source: debian

Type: Configuration

Product: twisted

Operating System: astra 1.7.7.6

Trait:

{  "unaffected": true}

Source: astra

Type: Configuration

Product: twisted

Operating System: astra 4.7.7.4

Trait:

{  "unaffected": true}

Source: astra

Type: Configuration

Vendor: *

Product: twisted

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:*",      "versionEndIncluding": "24.3.0",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

End of list

Russian Vulnerability Scanner Database

CVE-2024-41810

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

CWEs

Related Vulnerabilities

Vulnerable Software (11)