Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:0 a.m.2 views

CVE-2024-47605

silverstripe-asset-admin is a silverstripe assets gallery for asset management. When using the "insert media" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the embed shortcode. The HTML is not sanitized before replacing the shortcode, allowing a script payloa...

5.4CVSS7AI score0.01108EPSS
Exploits2References1
NVD
NVD
added 2025/01/14 11:15 p.m.12 views

CVE-2024-47605

silverstripe-asset-admin is a silverstripe assets gallery for asset management. When using the "insert media" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the embed shortcode. The HTML is not sanitized before replacing the shortcode, allowing a script payloa...

5.4CVSS0.01108EPSS
Exploits2References3
Circl
Circl
added 2025/01/14 11:9 p.m.5 views

CVE-2024-47605

creationtimestamp| type| source ---|---|--- 2025-01-14 23:09:18+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1634 2025-01-15 00:53:35+00:00| seen| https://t.me/cvedetector/15385...

5.4CVSS4.8AI score0.01108EPSS
Exploits2References2
OSV
OSV
added 2025/01/14 10:42 p.m.10 views

CVE-2024-47605 Cross-site Scripting via insert media remote file oembed in silverstripe-asset-admin

silverstripe-asset-admin is a silverstripe assets gallery for asset management. When using the "insert media" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the embed shortcode. The HTML is not sanitized before replacing the shortcode, allowing a script payloa...

5.4CVSS6.4AI score0.01108EPSS
Exploits2References5
CVE
CVE
added 2025/01/14 10:42 p.m.59 views

CVE-2024-47605

CVE-2024-47605 affects the SilverStripe ecosystem, specifically the silverstripe-asset-admin asset gallery when using the “insert media” feature. The vulnerability arises because the linked oEmbed JSON may include an HTML attribute that replaces the embed shortcode without sanitization, enabling ...

5.4CVSS5.4AI score0.01108EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2025/01/14 10:42 p.m.9 views

CVE-2024-47605 Cross-site Scripting via insert media remote file oembed in silverstripe-asset-admin

silverstripe-asset-admin is a silverstripe assets gallery for asset management. When using the "insert media" functionality, the linked oEmbed JSON includes an HTML attribute which will replace the embed shortcode. The HTML is not sanitized before replacing the shortcode, allowing a script payloa...

5.4CVSS5.4AI score0.01108EPSS
Exploits2References3
Friends Of PHP
Friends Of PHP
added 2025/01/14 9:24 p.m.16 views

CVE-2024-47605 - XSS via insert media remote file oembed

More info at https://www.silverstripe.org/download/security-releases/cve-2024-47605...

5.4CVSS6.8AI score0.01108EPSS
Exploits2Affected Software1
Rows per page
Query Builder