A cross-site scripting (XSS) vulnerability in skycaiji v2.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload using eval(String.fromCharCode()).
History

Mon, 19 Aug 2024 21:30:00 +0000

Type Values Removed Values Added
First Time appeared Skycaiji
Skycaiji skycaiji
Weaknesses CWE-79
CPEs cpe:2.3:a:skycaiji:skycaiji:2.8:*:*:*:*:*:*:*
Vendors & Products Skycaiji
Skycaiji skycaiji
Metrics cvssV3_1

{'score': 6.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-06-26T00:00:00

Updated: 2024-08-02T04:19:20.637Z

Reserved: 2024-06-21T00:00:00

Link: CVE-2024-39242

cve-icon Vulnrichment

Updated: 2024-06-27T18:15:30.757Z

cve-icon NVD

Status : Modified

Published: 2024-06-26T20:15:16.527

Modified: 2024-11-21T09:27:21.613

Link: CVE-2024-39242

cve-icon Redhat

No data.