CVE-2024-49379 | umbrel up to 1.2.1 Query Parameter cross site scripting (GHSL-2024-164)

Inserito da Angelo Barbosa | Nov 13, 2024 | CVE

A vulnerability classified as problematic has been found in umbrel up to 1.2.1. This affects an unknown part of the component Query Parameter Handler. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-49379. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49379 | umbrel up to 1.2.1 Query Parameter cross site scripting (GHSL-2024-164)

Post correlati

CVE-2022-4963 | Folio Spring Module Core up to 1.1.5 Schema Name HibernateSchemaService.java dropSchema sql injection (FOLIO-3645)

CVE-2023-6765 | SourceCodester Online Tours & Travels Management System 1.0 email_setup.php prepare name sql injection

CVE-2023-6580 | D-Link DIR-846 FW100A53DBR QoS POST /HNAP1/ smartqos_express_devices/smartqos_normal_devices deserialization

CVE-2024-2298 | affiliate-toolkit Plugin up to 3.5.4 on WordPress atkp_import_product authorization