CVE-2024-29882 | ossrs up to 5.0.209/6.0.120 /api/v1/vhosts/vid- callback cross site scripting

Posted by Angelo Barbosa | Mar 28, 2024 | CVE

A vulnerability was found in ossrs srs up to 5.0.209/6.0.120. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /api/v1/vhosts/vid-. The manipulation of the argument callback leads to cross site scripting.

This vulnerability is handled as CVE-2024-29882. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29882 | ossrs up to 5.0.209/6.0.120 /api/v1/vhosts/vid- callback cross site scripting

Related Posts

CVE-2024-8754 | GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1 external control of critical state data (Issue 464062)

CVE-2024-39704 | Soft Circle French-Bread Melty Blood up to 1.4.0 Service Port 46318 Privilege Escalation

CVE-2024-40893 | Firewalla Box Software up to 1.978 BLE os command injection

CVE-2024-5161 | Magical Addons for Elementor Plugin up to 1.1.39 on WordPress cross site scripting