Metrics
Affected Vendors & Products
Fri, 10 Jan 2025 22:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Osuuu
Osuuu lightpicture |
|
CPEs | cpe:2.3:a:osuuu:lightpicture:1.2.0:*:*:*:*:*:*:* cpe:2.3:a:osuuu:lightpicture:1.2.1:*:*:*:*:*:*:* cpe:2.3:a:osuuu:lightpicture:1.2.2:*:*:*:*:*:*:* |
|
Vendors & Products |
Osuuu
Osuuu lightpicture |
Mon, 06 Jan 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sun, 05 Jan 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |
Title | osuuu LightPicture SVG File Upload upload cross site scripting | |
Weaknesses | CWE-79 CWE-94 |
|
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published: 2025-01-05T14:31:04.572Z
Updated: 2025-01-06T15:50:35.321Z
Reserved: 2025-01-04T12:27:02.266Z
Link: CVE-2024-13141

Updated: 2025-01-06T15:50:24.218Z

Status : Analyzed
Published: 2025-01-05T15:15:17.257
Modified: 2025-01-10T21:39:47.827
Link: CVE-2024-13141

No data.