8 matches found
CVE-2024-29278
funboot v1.1 is vulnerable to Cross Site Scripting XSS via the title field in "create a message ."...
CVE-2024-29278
funboot v1.1 is vulnerable to Cross Site Scripting XSS via the title field in "create a message ."...
CVE-2024-29278
funboot v1.1 is vulnerable to Cross Site Scripting XSS via the title field in "create a message ."...
CVE-2024-29278
funboot v1.1 is vulnerable to Cross Site Scripting XSS via the title field in "create a message ."...
CVE-2024-29278
CVE-2024-29278 affects funboot v1.1 with a Cross Site Scripting (XSS) flaw in the title field of the “create a message” endpoint. The root cause is input handling in the title parameter that allows script injection, enabling potential user-facing XSS. The CVSS 3.1 base metrics given (AV:N/AC:L/PR...
PT-2024-22848 · Funboot · Funboot
Name of the Vulnerable Software and Affected Versions: funboot version 1.1 Description: The issue is related to Cross Site Scripting XSS via the title field in the "create a message" endpoint. This allows for potential malicious script injection. Recommendations: For funboot version 1.1, as a...
CVE-2024-29278
funboot v1.1 is vulnerable to Cross Site Scripting XSS via the title field in "create a message ."...
funboot 跨站脚本漏洞
Funboot is a Yii2 based Saas rapid development platform by individual developer peanut funson86. A cross-site scripting vulnerability exists in funboot v1.1, which stems from an easy cross-site scripting attack via the title field in create a message...