CVE-2024-3081 | EasyCorp EasyAdmin up to 4.8.9 Autocomplete autocomplete.js item cross site scripting (5971/6067)

Posted by Angelo Barbosa | Mar 29, 2024 | CVE

A vulnerability was found in EasyCorp EasyAdmin up to 4.8.9. It has been declared as problematic. Affected by this vulnerability is the function Autocomplete of the file assets/js/autocomplete.js of the component Autocomplete. The manipulation of the argument item leads to cross site scripting.

This vulnerability is known as CVE-2024-3081. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3081 | EasyCorp EasyAdmin up to 4.8.9 Autocomplete autocomplete.js item cross site scripting (5971/6067)

Related Posts

CVE-2022-44595 | Melapress WP 2FA Plugin up to 2.2.0 on WordPress improper authentication

CVE-2024-32871 | Pimcore up to 11.2.3 Thumbnail Generation allocation of resources

CVE-2024-1633 | Renesas rcar_gen3 2.5 Image bl2_mem_params_descs integer overflow

CVE-2024-4208 | Kadence Gutenberg Blocks Plugin up to 3.2.37 on WordPress Typer Effect cross site scripting