Lucene search
K

6 matches found

Circl
Circl
added 2025/03/28 7:29 p.m.5 views

CVE-2024-35621

creationtimestamp| type| source ---|---|--- 2025-03-28 19:29:17+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9446...

4.8CVSS4.9AI score0.00271EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/14 12:3 a.m.9 views

CVE-2024-35621

A cross-site scripting XSS vulnerability in the Edit function of Formwork before 1.13.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content field...

4.8CVSS5.6AI score0.00271EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/05/28 4:54 p.m.24 views

formwork Cross-site scripting vulnerability in Markdown fields

Impact Users with access to the administration panel with page editing permissions could insert tags in markdown fields, which are exposed on the publicly accessible site pages, leading to potential XSS injections. Patches - Formwork 1.13.0 has been released with a patch that solves this...

4.8CVSS5.5AI score0.00271EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/05/28 4:54 p.m.16 views

GHSA-GX8M-F3MP-FG99 formwork Cross-site scripting vulnerability in Markdown fields

Impact Users with access to the administration panel with page editing permissions could insert tags in markdown fields, which are exposed on the publicly accessible site pages, leading to potential XSS injections. Patches - Formwork 1.13.0 has been released with a patch that solves this...

4.8CVSS5.3AI score0.00271EPSS
Exploits0References5
CVE
CVE
added 2024/05/28 3:40 p.m.5420 views

CVE-2024-35621

Formwork CVE-2024-35621 is an XSS in the Edit function prior to 1.13.0, exploitable via a crafted payload in the Content field. Root cause: insufficient sanitization of markdown fields, enabling [removed] tags to reach public pages through editor content. Affected: Formwork before 1.13.0. Impact:...

4.8CVSS5.9AI score0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/28 3:40 p.m.11 views

CVE-2024-35621

A cross-site scripting XSS vulnerability in the Edit function of Formwork before 1.13.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content field...

5.7AI score0.00271EPSS
Exploits0References1
Rows per page
Query Builder