Teedy v1.11 has a vulnerability in its text editor that allows events to be executed in HTML tags that an attacker could manipulate. Thanks to this, it is possible to execute malicious JavaScript in the webapp.
History

Tue, 24 Sep 2024 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Fluid Attacks

Published: 2023-09-25T15:55:35.816Z

Updated: 2024-09-24T14:58:29.451Z

Reserved: 2023-09-11T13:23:29.875Z

Link: CVE-2023-4892

cve-icon Vulnrichment

Updated: 2024-08-02T07:38:00.898Z

cve-icon NVD

Status : Modified

Published: 2023-09-25T16:15:15.530

Modified: 2024-11-21T08:36:12.260

Link: CVE-2023-4892

cve-icon Redhat

No data.