CVE-2024-28866 | GoCD up to 24.0.x redirect_to cross site scripting

Posted by Angelo Barbosa | May 13, 2024 | CVE

A vulnerability, which was classified as problematic, was found in GoCD up to 24.0.x. Affected is an unknown function. The manipulation of the argument redirect_to leads to cross site scripting.

This vulnerability is traded as CVE-2024-28866. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-28866 | GoCD up to 24.0.x redirect_to cross site scripting

Related Posts

CVE-2024-5261 | LibreOffice up to 24.2.3 LibreOfficeKit Mode certificate validation

CVE-2024-20439 | Cisco Smart License Utility 2.0.0/2.1.0/2.2.0 backdoor (cisco-sa-cslu-7gHMzWmw)

CVE-2024-0682 | Page Restrict Plugin up to 2.5.5 on WordPress protection mechanism

CVE-2023-3942 | ZkTeco ZAM170-NF 1.8.25-7354-Ver1.0.0 sql injection (K-ZkTeco-2023-005)