Lucene search
K

4 matches found

NVD
NVD
added 2024/08/01 3:15 p.m.34 views

CVE-2024-41961

Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...

9.6CVSS0.00619EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/01 2:33 p.m.18 views

CVE-2024-41961 Elektra vulnerable to remote code execution in universal search

Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...

9.6CVSS7.2AI score0.00619EPSS
Exploits0References3
OSV
OSV
added 2024/08/01 2:33 p.m.26 views

CVE-2024-41961 Elektra vulnerable to remote code execution in universal search

Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found in the live search functionality of the Ruby on Rails based Elektra web application. An authenticated user can craft a search term containing Ruby code, which...

9.6CVSS7.3AI score0.00619EPSS
Exploits0References5
Huntr
Huntr
added 2022/06/06 8:54 p.m.31 views

Stored XSS via Deserialization of Stylesheets

Description Diagram files can contain stylesheets which basically consist of key value pairs that influence the appearance of digram elements. When adding a stylesheet mxStylesheet element it is possible to execute JavaScript code when used in combination with the internal include element. Usuall...

3.5CVSS1.6AI score0.00607EPSS
Exploits1
Rows per page
Query Builder