Lucene search

K
cveMitreCVE-2024-26495
HistoryApr 03, 2024 - 3:15 a.m.

CVE-2024-26495

2024-04-0303:15:09
mitre
web.nvd.nist.gov
33
cve-2024-26495
cross site scripting
remote attacker
arbitrary code
sensitive information
bbcode tags
post content
post comments function

AI Score

6.2

Confidence

High

EPSS

0

Percentile

9.0%

Cross Site Scripting (XSS) vulnerability in Friendica versions after v.2023.12, allows a remote attacker to execute arbitrary code and obtain sensitive information via the BBCode tags in the post content and post comments function.

AI Score

6.2

Confidence

High

EPSS

0

Percentile

9.0%

Related for CVE-2024-26495