CVE-2024-45793 | lyft confidant up to 6.6.1 /v1/credentials cross site scripting (GHSA-rxq8-q85f-m866)

Posted by Angelo Barbosa | Sep 20, 2024 | CVE

A vulnerability was found in lyft confidant up to 6.6.1. It has been rated as problematic. This issue affects some unknown processing of the file /v1/credentials. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-45793. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45793 | lyft confidant up to 6.6.1 /v1/credentials cross site scripting (GHSA-rxq8-q85f-m866)

Related Posts

CVE-2024-40503 | Tenda AX12 16.03.49.18_cn+ ICMP Packet denial of service

CVE-2024-21586 | Juniper Junos OS Packet Forwarding Engine unusual condition (JSA83195)

CVE-2024-37896 | flipped-aurora gin-vue-admin up to 2.6.5 sql injection (GHSA-gf3r-h744-mqgp)

CVE-2024-22372 | Elecom WRC-X1800GS-B 1.09/1.12/1.17/earlier/earlier Request os command injection