CVE-2024-45793 | lyft confidant up to 6.6.1 /v1/credentials cross site scripting (GHSA-rxq8-q85f-m866)

Posted by Angelo Barbosa | Sep 20, 2024 | CVE

A vulnerability was found in lyft confidant up to 6.6.1. It has been rated as problematic. This issue affects some unknown processing of the file /v1/credentials. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-45793. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45793 | lyft confidant up to 6.6.1 /v1/credentials cross site scripting (GHSA-rxq8-q85f-m866)

Related Posts

CVE-2024-36497 | Faronics WINSelect Standard/WINSelect Enterprise prior 8.30.xx.903 Configuration File cleartext storage

CVE-2023-46218 | cURL up to 8.4.0 Cookie lib/cookie.c Curl_cookie_add information disclosure

CVE-2024-26901 | Linux Kernel up to 6.8.1 instrumented.h do_sys_name_to_handle information disclosure

CVE-2024-40094 | GraphQL Java up to 19.10/20.8/21.4 ExecutableNormalizedFields denial of service