CVE-2024-50335 | SalesAgility SuiteCRM up to 7.14.5/8.7.0 Edit Profile Page o.js Publish Key cross site scripting (GHSA-8rw6-g96j-3w7m)

Inserito da Angelo Barbosa | Nov 5, 2024 | CVE

A vulnerability classified as problematic was found in SalesAgility SuiteCRM up to 7.14.5/8.7.0. This vulnerability affects unknown code of the file o.js of the component Edit Profile Page. The manipulation of the argument Publish Key leads to cross site scripting.

This vulnerability was named CVE-2024-50335. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-50335 | SalesAgility SuiteCRM up to 7.14.5/8.7.0 Edit Profile Page o.js Publish Key cross site scripting (GHSA-8rw6-g96j-3w7m)

Post correlati

CVE-2024-38746 | MakeStories Plugin up to 3.0.3 on WordPress path traversal

CVE-2024-43331 | VeronaLabs WP SMS Plugin up to 6.9.3 on WordPress authorization

CVE-2024-49270 | HashThemes Smart Blocks Plugin up to 2.0 on WordPress cross site scripting

CVE-2024-21891 | Node.js up to 20.11.0/21.6.0 Experimental Permission Model path traversal