CVE-2024-26467 | railroad-diagrams URL generator.html cross site scripting

Inserito da Angelo Barbosa | Feb 26, 2024 | CVE

A vulnerability, which was classified as problematic, was found in railroad-diagrams. Affected is an unknown function of the file generator.html of the component URL Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-26467. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-26467 | railroad-diagrams URL generator.html cross site scripting

Post correlati

CVE-2024-31856 | CyberPower PowerPanel up to 4.9.0 MQTT Message sql injection (icsa-24-123-01)

CVE-2023-6871 | Mozilla Firefox up to 120 Protocol denial of service

CVE-2023-48619 | Adobe Experience Manager AEM Cloud Service/6.5.18.0 cross site scripting (APSB23-72)

CVE-2023-50356 | Areal Topkapi Vision Server up to 6.2.4718 certificate validation