Lucene search

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

🗓️ 14 Mar 2022 00:00:00Reported by https://gitlab.com/gitlab-org/security-products/gemnasium-dbType

Improper Neutralization of Script-Related HTML Tags in Sylius eCommerce Platform prior to 1.9.10, 1.10.11, and 1.11.

Reporter	Title	Published	Views	Family All 9
CNVD	Sylius Cross-Site Scripting Vulnerability (CNVD-2022-20526)	15 Mar 202200:00	–	cnvd
Veracode	Cross-site Scripting (XSS)	15 Mar 202209:40	–	veracode
NVD	CVE-2022-24749	14 Mar 202222:15	–	nvd
OSV	CVE-2022-24749	14 Mar 202222:15	–	osv
OSV	Improper sanitize of SVG files during content upload ('Cross-site Scripting') in sylius/sylius	14 Mar 202222:38	–	osv
Github Security Blog	Improper sanitize of SVG files during content upload ('Cross-site Scripting') in sylius/sylius	14 Mar 202222:38	–	github
Prion	Cross site scripting	14 Mar 202222:15	–	prion
Cvelist	CVE-2022-24749 Basic Cross-site Scripting and Unrestricted Upload of File with Dangerous Type in Sylius	14 Mar 202221:45	–	cvelist
CVE	CVE-2022-24749	14 Mar 202222:15	–	cve

Source	Link
github	www.github.com/Sylius/Sylius/security/advisories/GHSA-4qrp-27r3-66fj
github	www.github.com/Sylius/Sylius/releases/tag/v1.10.11
github	www.github.com/Sylius/Sylius/releases/tag/v1.11.2
github	www.github.com/Sylius/Sylius/releases/tag/v1.9.10
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-24749
github	www.github.com/advisories/GHSA-4qrp-27r3-66fj

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Mar 2022 00:00Current

5.9Medium risk

Vulners AI Score5.9

EPSS0.00127