CVE-2024-5829 | smallweigit Avue up to 3.4.4 avueUeditor cross site scripting (I9UQ4Q)

Posted by Angelo Barbosa | Jun 11, 2024 | CVE

A vulnerability classified as problematic was found in smallweigit Avue up to 3.4.4. Affected by this vulnerability is an unknown functionality of the component avueUeditor. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-5829. The attack can be launched remotely. Furthermore, there is an exploit available.

The code maintainer explains, that “rich text is no longer maintained”.

CVE-2024-5829 | smallweigit Avue up to 3.4.4 avueUeditor cross site scripting (I9UQ4Q)

Related Posts

CVE-2024-34707 | Nautobot up to 1.6.21/2.2.3 /admin/constance/config/ BANNER_TOP/BANNER_BOTTOM/BANNER_LOGIN cross site scripting

CVE-2024-2993 | Tenda FH1203 2.0.1.6 /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

CVE-2024-3427 | SourceCodester Online Courseware 1.0 addq.php id cross site scripting

CVE-2024-4837 | Progress Telerik Report Server prior 10.1.24.514 on IIS information disclosure