UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. ¶¶ The vulnerability allows attackers to perform XSS in SVG file extension, which can be used to stealing cookies.
Metrics
Affected Vendors & Products
References
History
Wed, 06 Nov 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Unopim
Unopim unopim |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:unopim:unopim:0.1.3:*:*:*:*:*:*:* | |
Vendors & Products |
Unopim
Unopim unopim |
|
Metrics |
cvssV3_1
|
Wed, 06 Nov 2024 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. ¶¶ The vulnerability allows attackers to perform XSS in SVG file extension, which can be used to stealing cookies. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-11-06T00:00:00
Updated: 2024-11-06T20:00:57.177Z
Reserved: 2024-10-28T00:00:00
Link: CVE-2024-50637
Vulnrichment
Updated: 2024-11-06T20:00:52.147Z
NVD
Status : Awaiting Analysis
Published: 2024-11-06T17:15:20.680
Modified: 2024-11-06T20:35:33.010
Link: CVE-2024-50637
Redhat
No data.