CVE-2024-29191 | AlexxIT go2rtc up to 1.8.5 GET Parameter links.html src cross site scripting (GHSL-2023-205)

Posted by Angelo Barbosa | Apr 4, 2024 | CVE

A vulnerability was found in AlexxIT go2rtc up to 1.8.5. It has been declared as problematic. This vulnerability affects unknown code of the file links.html of the component GET Parameter Handler. The manipulation of the argument src leads to cross site scripting.

This vulnerability was named CVE-2024-29191. The attack can be initiated remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-29191 | AlexxIT go2rtc up to 1.8.5 GET Parameter links.html src cross site scripting (GHSL-2023-205)

Related Posts

CVE-2024-26749 | Linux Kernel up to 6.7.6 cdns3 cdns3_gadget_ep_disable use after free

CVE-2024-25753 | Tenda AC9 15.03.06.42_multi formSetDeviceName stack-based overflow

CVE-2023-41171 | NetScout nGeniusONE 6.3.4 Build 2298 cross site scripting

CVE-2023-49837 | Code Embed Plugin up to 2.3.6 on WordPress denial of service