CVE-2024-28175 | argocd up to 2.8.11/2.9.0/2.9.7/2.10.0/2.10.2 URL Protocol cross site scripting (GHSA-jwv5-8mqv-g387)

Inserito da Angelo Barbosa | Mar 13, 2024 | CVE

A vulnerability, which was classified as problematic, was found in argocd up to 2.8.11/2.9.0/2.9.7/2.10.0/2.10.2. Affected is an unknown function of the component URL Protocol Handler. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-28175. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28175 | argocd up to 2.8.11/2.9.0/2.9.7/2.10.0/2.10.2 URL Protocol cross site scripting (GHSA-jwv5-8mqv-g387)

Post correlati

CVE-2024-42767 | Kashipara Hotel Management System 1.0 add_room_controller.php unrestricted upload

CVE-2023-51614 | D-Link DIR-X3260 prog.cgi SetQuickVPNSettings stack-based overflow

CVE-2024-30606 | Tenda FH1203 2.0.1.6 /goform/DhcpListClient fromDhcpListClient page stack-based overflow

CVE-2024-25133 | Red Hat Openshift Hive Privilege Escalation