CVE-2024-54133 | Action Pack up to 7.0.8.6/7.1.5.0/7.2.2.0/8.0.0.0 content_security_policy cross site scripting (GHSA-vfm5-rmrh-j26v)

Posted by Angelo Barbosa | Dec 11, 2024 | CVE

A vulnerability was found in Action Pack up to 7.0.8.6/7.1.5.0/7.2.2.0/8.0.0.0. It has been classified as problematic. Affected is the function content_security_policy. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-54133. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-54133 | Action Pack up to 7.0.8.6/7.1.5.0/7.2.2.0/8.0.0.0 content_security_policy cross site scripting (GHSA-vfm5-rmrh-j26v)

Related Posts

CVE-2023-51656 | Apache IoTDB up to 0.13.4 deserialization

CVE-2024-38419 | Qualcomm Snapdragon Auto up to XR1 Platform HGSL use after free

CVE-2024-32095 | MultiParcels Shipping For WooCommerce Plugin up to 1.16.8 on WordPress cross-site request forgery

CVE-2024-4107 | Elementor Website Builder Pro Plugin up to 3.21.0 on WordPress cross site scripting