3 matches found
CVE-2024-41953
| creationtimestamp | type | source |
|---|---|---|
| 2024-07-31 20:11:04+00:00 | seen | https://t.me/cvedetector/2159... |
CVE-2024-41953
ZITADEL (Zitadel) has a vulnerability (CVE-2024-41953) due to improper HTML sanitization in emails and Console UI. The issue allows untrusted user- or admin-provided content (such as usernames and email body content) to include HTML/JS that could render in emails and user pages. Impact describe...
CVE-2024-41953 Zitadel improperly sanitizes HTML in emails and Console UI
Zitadel is an open source identity management system. ZITADEL uses HTML for emails and renders certain information such as usernames dynamically. That information can be entered by users or administrators. Due to a missing output sanitization, these emails could include malicious code. This may...