CVE-2024-36624 | Zulip 8.3 copy_and_paste.js construct_copy_div cross site scripting

Inserito da Angelo Barbosa | Nov 29, 2024 | CVE

A vulnerability has been found in Zulip 8.3 and classified as problematic. Affected by this vulnerability is the function construct_copy_div of the file copy_and_paste.js. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-36624. The attack can be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-36624 | Zulip 8.3 copy_and_paste.js construct_copy_div cross site scripting

Post correlati

CVE-2024-9700 | Forminator Forms Plugin up to 1.36.0 on WordPress resource injection

CVE-2024-11817 | PHPGurukul User Registration & Login and User Management System /admin/index.php sql injection

CVE-2024-4039 | Orders Tracking for WooCommerce Plugin up to 1.2.10 on WordPress Shortcode code injection

CVE-2024-39679 | XjSv Cooked Plugin up to 1.7.x on WordPress cross-site request forgery (GHSA-2jh3-9939-c4rc)