CVE-2024-8863 | aimhubio aim up to 3.24 Text Explorer textbox.tsx dangerouslySetInnerHTML query cross site scripting

Posted by Angelo Barbosa | Sep 14, 2024 | CVE

A vulnerability, which was classified as problematic, was found in aimhubio aim up to 3.24. Affected is the function dangerouslySetInnerHTML of the file textbox.tsx of the component Text Explorer. The manipulation of the argument query leads to cross site scripting.

This vulnerability is traded as CVE-2024-8863. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8863 | aimhubio aim up to 3.24 Text Explorer textbox.tsx dangerouslySetInnerHTML query cross site scripting

Related Posts

CVE-2024-7905 | DedeBIZ 6.3.0 admin/archives_do.php AdminUpload litpic unrestricted upload

CVE-2024-6489 | Getwid Plugin up to 2.0.10 on WordPress Google API Key authorization

CVE-2024-7828 | D-Link DNS-1550-04 up to 20240814 photocenter_mgr.cgi cgi_set_cover album_name buffer overflow

CVE-2024-40618 | NAVER Whale Browser 1.10.6.2/3.0.1.2 Built-in Extension cross site scripting