Lucene search

CVE-2024-35240 Stored Cross-site Scripting on Print Functionality in Umbraco Commerce

🗓️ 28 May 2024 20:32:15Reported by GitHub_MType

Umbraco Commerce CVE-2024-35240 print XSS vulnerability

Reporter	Title	Published	Views	Family All 6
NVD	CVE-2024-35240	28 May 202421:16	–	nvd
Vulnrichment	CVE-2024-35240 Stored Cross-site Scripting on Print Functionality in Umbraco Commerce	28 May 202420:15	–	vulnrichment
OSV	GHSA-RPJ9-XJWM-WR6W Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print Functionality	28 May 202421:18	–	osv
Github Security Blog	Umbraco Commerce vulnerable to Stored Cross-site Scripting on Print Functionality	28 May 202421:18	–	github
Veracode	Cross-site Scripting (XSS)	30 May 202419:13	–	veracode
CVE	CVE-2024-35240	28 May 202421:16	–	cve

[
  {
    "vendor": "umbraco",
    "product": "Umbraco.Commerce.Issues",
    "versions": [
      {
        "version": ">= 12.0.0, < 12.1.4",
        "status": "affected"
      },
      {
        "version": "< 10.0.5",
        "status": "affected"
      }
    ]
  }
]

Source	Link
docs	www.docs.umbraco.com/umbraco-commerce/release-notes
github	www.github.com/umbraco/Umbraco.Commerce.Issues/security/advisories/GHSA-rpj9-xjwm-wr6w

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

28 May 2024 20:15Current

5.3Medium risk

Vulners AI Score5.3

CVSS35.4

EPSS0.00043

CWE-79