Lucene search
GoogleOSV:GO-2024-2747HistoryJun 04, 2024 - 3:19 p.m.
Hugo Markdown titles do not escaped in internal render hooks in github.com/gohugoio/hugo
2024-06-0415:19:21
Google
osv.dev
4
hugo
markdown
titles
not
escaped
internal
render
hooks
github.com/gohugoio/hugo
software
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
15.5%
Hugo Markdown titles do not escaped in internal render hooks in github.com/gohugoio/hugo
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/gohugoio/hugo | lt | 0.125.3 | |
| github.com/gohugoio/hugo | ge | 0.123.0 |
References
Related
cgr
cgr
CVE-2024-32875 vulnerabilities
2024-05-19 03:07:16
nvd
nvd
CVE-2024-32875
2024-04-23 21:15:48
cve
cve
CVE-2024-32875
2024-04-23 21:15:48
github
github
Hugo Markdown titles do not escaped in internal render hooks
2024-04-23 21:16:15
cvelist
cvelist
CVE-2024-32875 Hugo doesn't escape markdown title in internal render hooks
2024-04-23 20:23:42
ubuntucve
ubuntucve
CVE-2024-32875
2024-04-23 00:00:00
osv
osv
Hugo Markdown titles do not escaped in internal render hooks
2024-04-23 21:16:15
veracode
veracode
Cross Site Scripting
2024-04-24 04:54:08
debiancve
debiancve
CVE-2024-32875
2024-04-23 21:15:48
wolfi
wolfi
CVE-2024-32875 vulnerabilities
2024-07-06 09:08:40
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
15.5%
Related for OSV:GO-2024-2747