CVE-2023-49296 | Arduino Create Agent up to 1.3.5 Web Interface /certificate.crt cross site scripting (GHSA-j5hc-wx84-844h)

Posted by Angelo Barbosa | Dec 14, 2023 | CVE

A vulnerability, which was classified as problematic, has been found in Arduino Create Agent up to 1.3.5. This issue affects some unknown processing of the file /certificate.crt of the component Web Interface. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2023-49296. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-49296 | Arduino Create Agent up to 1.3.5 Web Interface /certificate.crt cross site scripting (GHSA-j5hc-wx84-844h)

Related Posts

CVE-2024-6624 | JSON API User Plugin up to 3.9.3 on WordPress Remote Code Execution

CVE-2024-7911 | SourceCodester Simple Online Bidding System 1.0 index.php page file inclusion

CVE-2024-4458 | Themesflat Addons for Elementor Plugin up to 2.1.1 on WordPress URL cross site scripting

CVE-2024-3944 | WP To Do Plugin up to 1.3.0 on WordPress Task Comment cross site scripting