CVE-2024-34468 | Rukovoditel up to 3.5.2 My Page user_photo cross site scripting

Posted by Angelo Barbosa | May 5, 2024 | CVE

A vulnerability was found in Rukovoditel up to 3.5.2. It has been classified as problematic. This affects the function user_photo of the component My Page. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-34468. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34468 | Rukovoditel up to 3.5.2 My Page user_photo cross site scripting

Related Posts

CVE-2022-4003 | Motorola Q14 Mesh Router prior 1.5.0.16 API Request resource consumption

CVE-2023-45698 | HCL Sametime up to 12.0.1 FP1 Outlook Add-in clickjacking (KB0109082)

CVE-2024-40604 | Nimbus Skin up to 1.42.1 on MediaWiki Sidebar Menu cross site scripting

CVE-2024-7626 | wpdelicious WP Delicious Plugin up to 1.6.9 on WordPress Path Validation wp-config.php save_edit_profile_details file inclusion