CVE-2024-45299 | alfio-event alf.io up to 2.0-M4 Content Security Policy escape output (GHSA-mcx6-25f8-8rqw)

Posted by Angelo Barbosa | Sep 6, 2024 | CVE

A vulnerability was found in alfio-event alf.io up to 2.0-M4. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Content Security Policy Handler. The manipulation leads to escaping of output.

This vulnerability is handled as CVE-2024-45299. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45299 | alfio-event alf.io up to 2.0-M4 Content Security Policy escape output (GHSA-mcx6-25f8-8rqw)

Related Posts

CVE-2024-22449 | Dell PowerScale OneFS up to 9.6.0.x missing authentication (dsa-2024-028)

CVE-2023-45479 | Tenda AC10 US_AC10V4.0si_V16.03.10.13_cn Parameter sub_49E098 list stack-based overflow

CVE-2024-1723 | SiteOrigin Widgets Bundle Plugin up to 1.58.7 on WordPress cross site scripting

CVE-2024-2754 | SourceCodester Complete E-Commerce Site 1.0 /admin/users_photo.php photo unrestricted upload