CVE-2023-49090 | CarrierWave up to 2.2.4/3.0.4 cross site scripting (GHSA-gxhx-g4fq-49hj)

Inserito da Angelo Barbosa | Nov 29, 2023 | CVE

A vulnerability, which was classified as problematic, has been found in CarrierWave up to 2.2.4/3.0.4. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2023-49090. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-49090 | CarrierWave up to 2.2.4/3.0.4 cross site scripting (GHSA-gxhx-g4fq-49hj)

Post correlati

CVE-2024-6414 | Parsec Automation TrakSYS 11.x.x Export Page TS/export/contentpage ID direct request

CVE-2024-32862 | Johnson Controls exacqVision Web Service 22.12.1.0 cross-domain policy (icsa-24-214-02)

zephyrproject-rtos zephyr le_ecred_reconf_req stack-based overflow (GHSA-wr8r-7f8x-24jj)

CVE-2024-8041 | GitLab Community Edition/Enterprise Edition up to 17.1.5/17.2.3/17.3.0 Import resource consumption