CVE-2024-38354 | hackmdio codimd up to 2.5.3 HTML Tag name HTML injection (GHSA-22jv-vch8-2vp9)

Inserito da Angelo Barbosa | Lug 10, 2024 | CVE

A vulnerability was found in hackmdio codimd up to 2.5.3. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component HTML Tag Handler. The manipulation of the argument name leads to HTML injection.

This vulnerability is known as CVE-2024-38354. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38354 | hackmdio codimd up to 2.5.3 HTML Tag name HTML injection (GHSA-22jv-vch8-2vp9)

Post correlati

CVE-2024-6215 | SourceCodester Food Ordering Management System up to 1.0 view-ticket-admin.php id sql injection

CVE-2024-10232 | AtomChat Plugin up to 1.1.5 on WordPress Shortcode cross site scripting

CVE-2024-0483 | Taokeyun up to 1.0.5 HTTP POST Request Task.php index cid sql injection

CVE-2023-6095 | Hanwha Vision HRX-1620 up to 3.05.62 HTTP Header stack-based overflow