Filtered by vendor Rageframe
Subscriptions
Filtered by product Rageframe
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-30883 | 1 Rageframe | 1 Rageframe | 2024-11-21 | 4.7 Medium |
Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the aspectRatio parameter in the image cropping function. | ||||
CVE-2024-30880 | 1 Rageframe | 1 Rageframe | 2024-11-21 | 5.4 Medium |
Reflected Cross Site Scripting (XSS) vulnerability in RageFrame2 v2.6.43, allows remote attackers to execute arbitrary web scripts or HTML and obtain sensitive information via a crafted payload injected into the multiple parameter in the image cropping function. | ||||
CVE-2022-36530 | 1 Rageframe | 1 Rageframe | 2024-11-21 | 6.1 Medium |
An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page. |
Page 1 of 1.