QwikSec

Security Database

CVE

CWE

Training

CVE-2024-12021

Published: Mar 31, 2025

Modified: Mar 31, 2025

PUBLISHED

Description

Coverity versions prior to 2024.9.0 are vulnerable to stored cross-site scripting (XSS) in various administrative interfaces. The impact of exploitation may result in the compromise of local accounts managed by the Coverity platform as well as other standard impacts resulting from cross-site scripting.

Vendor	Product	Versions
Black Duck	Coverity	affected `0 - < 2024.9.0`

Weaknesses (CWE)

References

https://community.blackduck.com/s/article/Black-Duck-Product-Security-Advisory-CVE-2024-12021

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.