2 matches found
GHSA-CRVM-XJHM-9H29 OctoPrint vulnerable to XSS in Action Commands Notification and Prompt
Impact OctoPrint versions up to and including 1.11.3 are affected by a vulnerability that allows injection of arbitrary HTML and JavaScript into Action Command notification and prompt popups generated by the printer. An attacker who successfully convinces a victim to print a specially crafted fil...
PT-2024-25970 · Unknown · Urban Base Z-Downloads
Name of the Vulnerable Software and Affected Versions: URBAN BASE Z-Downloads versions 1.11.3 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects the Z-Downloads component. Recommendations: For versions 1.11.3 and earlier, update to a...