CVE-2024-35621 | Formwork up to 1.12.x Edit Content cross site scripting

Inserito da Angelo Barbosa | Mag 28, 2024 | CVE

A vulnerability has been found in Formwork up to 1.12.x and classified as problematic. This vulnerability affects unknown code of the component Edit Handler. The manipulation of the argument Content leads to cross site scripting.

This vulnerability was named CVE-2024-35621. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-35621 | Formwork up to 1.12.x Edit Content cross site scripting

Post correlati

CVE-2024-4032 | Python CPython up to 3.12.3/3.13.0a5 IPv6 Address is_private/is_global Privilege Escalation (Issue 113171)

CVE-2023-48711 | cjvnjde google-translate-api-browser up to 4.1.2 Web API server-side request forgery (GHSA-4233-7q5q-m7p6)

CVE-2024-36597 | Aegon Life 1.0 clientStatus.php client_id sql injection

CVE-2024-40726 | Netbox 4.0.3 Name cross site scripting