No analysis available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
Github GHSA |
GHSA-m5jf-8crm-r65m | Vditor allows Cross-site Scripting via an attribute of an `A` element |
Thu, 26 Feb 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 21 Aug 2025 01:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
B3log
B3log vditor |
|
| Weaknesses | CWE-79 | |
| CPEs | cpe:2.3:a:b3log:vditor:3.10.3:*:*:*:*:*:*:* | |
| Vendors & Products |
B3log
B3log vditor |
|
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-02T02:51:11.538Z
Reserved: 2024-05-03T00:00:00.000Z
Link: CVE-2024-34449
Updated: 2024-08-02T02:51:11.538Z
Status : Analyzed
Published: 2024-05-03T16:15:11.520
Modified: 2026-06-17T07:33:26.093
Link: CVE-2024-34449
No data.
OpenCVE Enrichment
No data.
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Github GHSA