CVE-2024-50335 | SalesAgility SuiteCRM up to 7.14.5/8.7.0 Edit Profile Page o.js Publish Key cross site scripting (GHSA-8rw6-g96j-3w7m)

Inserito da Angelo Barbosa | Nov 5, 2024 | CVE

A vulnerability classified as problematic was found in SalesAgility SuiteCRM up to 7.14.5/8.7.0. This vulnerability affects unknown code of the file o.js of the component Edit Profile Page. The manipulation of the argument Publish Key leads to cross site scripting.

This vulnerability was named CVE-2024-50335. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-50335 | SalesAgility SuiteCRM up to 7.14.5/8.7.0 Edit Profile Page o.js Publish Key cross site scripting (GHSA-8rw6-g96j-3w7m)

Post correlati

CVE-2024-23985 | EzServer 6.4.017 Daemon denial of service (ID 176663)

CVE-2023-6738 | PageLayer Plugin up to 1.7.8 on WordPress Meta Field cross site scripting

CVE-2023-52447 | Linux Kernel up to 5.8/6.1.74/6.6.13/6.7.1 BPF bpf_map_fd_put_ptr use after free

CVE-2024-1958 | WP-FeedStats wpb-show-core Plugin up to 2.6 on WordPress cross site scripting