CVE-2024-28237 | OctoPrint up to 1.9.3/1.10.0rc2 URL cross site scripting (GHSA-x7mf-wrh9-r76c)

Inserito da Angelo Barbosa | Mar 19, 2024 | CVE

A vulnerability was found in OctoPrint up to 1.9.3/1.10.0rc2 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-28237. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28237 | OctoPrint up to 1.9.3/1.10.0rc2 URL cross site scripting (GHSA-x7mf-wrh9-r76c)

Post correlati

CVE-2024-21747 | weDevs WP ERP Plugin up to 1.12.8 on WordPress sql injection

CVE-2023-46104 | Apache Superset up to 2.1.2/3.0.1 ZIP File resource consumption

CVE-2024-25956 | Dell Grab up to 5.0.4 on Windows permission assignment (dsa-2024-121)

CVE-2024-6684 | GST Electronics inohom Nova Panel N7 up to 1.9.9.6 authentication bypass