Lucene search
CVE-2024-34481
Drupal Wiki XSS vulnerability in comments, captions, and image title
Show more
| Reporter | Title | Published | Views | Family All 7 |
|---|---|---|---|---|
 | CVE-2024-34481 | 5 Jul 202402:15 | – | osv |
| UBUNTU-CVE-2024-34481 | 5 Jul 202402:15 | – | osv |
 | CVE-2024-34481 | 5 Jul 202400:00 | – | ubuntucve |
 | Drupal-Wiki 8.31 / 8.30 Cross Site Scripting | 9 May 202400:00 | – | packetstorm |
 | CVE-2024-34481 | 5 Jul 202400:00 | – | vulnrichment |
 | CVE-2024-34481 | 5 Jul 202402:15 | – | nvd |
 | CVE-2024-34481 | 5 Jul 202400:00 | – | cvelist |
Node
| Source | Link |
|---|---|
| secuvera | www.secuvera.de/advisories/secuvera-SA-2024-02.txt |
| seclists | www.seclists.org/fulldisclosure/2024/May/4 |
| drupal-wiki | www.drupal-wiki.com/drupal-wiki-update-8-31/ |
| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| comment | request body | /path/to/wiki/page | XSS vulnerability through comments on a Wiki page. | CWE-79 |
| caption | request body | /path/to/wiki/page | XSS vulnerability through captions on a Wiki page. | CWE-79 |
| image title | request body | /path/to/wiki/page | XSS vulnerability through image titles on a Wiki page. | CWE-79 |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo05 Jul 2024 02:15Current
6Medium risk
Vulners AI Score6
CVSS36.1
EPSS0.00052
SSVC