CVE-2024-34707 | Nautobot up to 1.6.21/2.2.3 /admin/constance/config/ BANNER_TOP/BANNER_BOTTOM/BANNER_LOGIN cross site scripting

Inserito da Angelo Barbosa | Mag 13, 2024 | CVE

A vulnerability classified as problematic was found in Nautobot up to 1.6.21/2.2.3. Affected by this vulnerability is an unknown functionality of the file /admin/constance/config/. The manipulation of the argument BANNER_TOP/BANNER_BOTTOM/BANNER_LOGIN leads to cross site scripting.

This vulnerability is known as CVE-2024-34707. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34707 | Nautobot up to 1.6.21/2.2.3 /admin/constance/config/ BANNER_TOP/BANNER_BOTTOM/BANNER_LOGIN cross site scripting

Post correlati

CVE-2024-4521 | Campcodes Complete Web-Based School Management System 1.0 teacher_salary_details2.php index cross site scripting

CVE-2024-33398 | piraeus-operator up to 2.5.0 permission

CVE-2024-26279 | Joomla CMS up to 3.10.14/4.4.2/5.0.2 cross site scripting

CVE-2024-25308 | code-projects Simple School Managment System 1.0 School/teacher_login.php name sql injection