CVE-2024-37165 | Discourse up to 3.2.2/3.3.0.beta2 Onebox Data cross site scripting

Inserito da Angelo Barbosa | Lug 30, 2024 | CVE

A vulnerability was found in Discourse up to 3.2.2/3.3.0.beta2. It has been classified as problematic. This affects an unknown part of the component Onebox Data Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-37165. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-37165 | Discourse up to 3.2.2/3.3.0.beta2 Onebox Data cross site scripting

Post correlati

CVE-2024-2665 | Premium Addons for Elementor Plugin up to 4.10.27 on WordPress Button cross site scripting

CVE-2024-37267 | kaptinlin Striking Plugin up to 2.3.4 on WordPress cross site scripting

CVE-2023-52099 | Huawei HarmonyOS/EMUI NMS Module access control

CVE-2024-7733 | FastCMS up to 0.1.5 New Article Category Page cross site scripting