CVE-2024-40453 | squirrellyjs squirrelly 9.0.0 options.varName code injection

Inserito da Angelo Barbosa | Ago 21, 2024 | CVE

A vulnerability was found in squirrellyjs squirrelly 9.0.0. It has been rated as critical. This issue affects the function options.varName. The manipulation leads to code injection.

The identification of this vulnerability is CVE-2024-40453. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-40453 | squirrellyjs squirrelly 9.0.0 options.varName code injection

Post correlati

CVE-2024-2430 | Website Content in Page or Post Plugin prior 2024.04.09 on WordPress Shortcode Attribute cross site scripting

CVE-2024-7221 | SourceCodester School Log Management System 1.0 /admin/manage_user.php id sql injection

CVE-2024-5901 | SiteOrigin Widgets Bundle up to 1.62.2 on WordPress Image Grid Widget cross site scripting

CVE-2024-1246 | Concrete CMS up to 9.2.4 Image URL Import cross site scripting