CVE-2024-37160 | Formwork up to 1.13.0/2.0.0-beta.1 /panel/options/site cross site scripting (GHSA-5pxr-7m4j-jjc6)

Posted by Angelo Barbosa | Jun 7, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Formwork up to 1.13.0/2.0.0-beta.1. This issue affects some unknown processing of the file /panel/options/site. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-37160. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-37160 | Formwork up to 1.13.0/2.0.0-beta.1 /panel/options/site cross site scripting (GHSA-5pxr-7m4j-jjc6)

Related Posts

CVE-2024-5762 | Zen Cart findPluginAdminPage file inclusion

CVE-2024-9239 | Booster for WooCommerce Plugin up to 7.2.3 on WordPress cross site scripting

CVE-2024-6104 | HashiCorp Shared library up to 0.7.6 go-retryablehttp log file

CVE-2024-21633 | iBotPeaches Apktool up to 2.9.1 path traversal (GHSA-2hqv-2xv4-5h5w)