CVE-2024-22411 | avo up to 2.x on Ruby Notifications Avo::BaseAction cross site scripting (GHSA-g8vp-2v5p-9qfh)

Inserito da Angelo Barbosa | Gen 17, 2024 | CVE

A vulnerability was found in avo up to 2.x on Ruby. It has been classified as problematic. Affected is the function Avo::BaseAction of the component Notifications Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-22411. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-22411 | avo up to 2.x on Ruby Notifications Avo::BaseAction cross site scripting (GHSA-g8vp-2v5p-9qfh)

Post correlati

CVE-2024-39277 | Linux Kernel up to 5.15.160/6.1.92/6.6.32/6.9.3 topology.h cpumask_of_node array index

CVE-2024-41929 | Takenaka HDVR-400 os command injection

CVE-2024-35753 | TemplatesNext OnePager Plugin up to 1.3.3 on WordPress cross site scripting

CVE-2023-20248 | Cisco TelePresence Management Suite Web-based Management Interface cross site scripting (cisco-sa-tms-portal-xss-AXNeVg3s)