CVE-2024-8783 | OpenTibiaBR MyAAC up to 0.8.16 Post Reply new_post.php post_topic cross site scripting (Issue 121)

Posted by Angelo Barbosa | Sep 13, 2024 | CVE

A vulnerability classified as problematic has been found in OpenTibiaBR MyAAC up to 0.8.16. Affected is an unknown function of the file system/pages/forum/new_post.php of the component Post Reply Handler. The manipulation of the argument post_topic leads to cross site scripting.

This vulnerability is traded as CVE-2024-8783. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-8783 | OpenTibiaBR MyAAC up to 0.8.16 Post Reply new_post.php post_topic cross site scripting (Issue 121)

Related Posts

CVE-2024-5157 | Google Chrome prior 125.0.6422.76 Scheduling use after free

CVE-2024-30631 | Tenda FH1205 2.0.0.7(775) /goform/openSchedWifi setSchedWifi schedStartTime stack-based overflow

CVE-2024-23179 | MediaWiki up to 1.40.1 GlobalBlocking Extension Special:GlobalBlock uselang cross site scripting

CVE-2023-32471 | Dell Edge Gateway 5200/Edge Gateway 3200 prior 1.05.10 BIOS out-of-bounds (dsa-2023-225)