CVE-2024-47075 | LayUI up to 2.9.16 img Tag name cross site scripting (GHSA-j827-6rgf-9629)

Inserito da Angelo Barbosa | Set 26, 2024 | CVE

A vulnerability was found in LayUI up to 2.9.16. It has been rated as problematic. Affected by this issue is some unknown functionality of the component img Tag Handler. The manipulation of the argument name leads to cross site scripting.

This vulnerability is handled as CVE-2024-47075. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-47075 | LayUI up to 2.9.16 img Tag name cross site scripting (GHSA-j827-6rgf-9629)

Post correlati

CVE-2021-47168 | Linux Kernel up to 5.12.8 NFS filelayout_decode_layout memory corruption

CVE-2023-51616 | D-Link DIR-X3260 prog.cgi SetSysEmailSettings stack-based overflow

CVE-2024-22293 | Andrea Tarantini BP Profile Search Plugin up to 5.5 on WordPress cross site scripting

CVE-2023-45591 | AiLux imx6 up to 1.0.7-1 Ax_rtu logger_generic heap-based overflow