CVE-2024-56508 File Upload Vulnerability Leading to XSS in LinkAce v1.15.5

LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a file upload vulnerability exists in the LinkAce. This issue occurs in the "Import Bookmarks" functionality, where malicious HTML files can be uploaded containing JavaScript payloads. These payloads...

CVE-2024-56508 File Upload Vulnerability Leading to XSS in LinkAce v1.15.5

LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a file upload vulnerability exists in the LinkAce. This issue occurs in the "Import Bookmarks" functionality, where malicious HTML files can be uploaded containing JavaScript payloads. These payloads...

CVE-2024-56508

The CVE-2024-56508 entry describes a file upload vulnerability in LinkAce prior to v1.15.6 within the Import Bookmarks function. Malicious HTML files can be uploaded containing JavaScript payloads that execute when the uploaded links are accessed, enabling potential reflected or persistent XSS. T...

CVE-2024-56508 File Upload Vulnerability Leading to XSS in LinkAce v1.15.5

LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a file upload vulnerability exists in the LinkAce. This issue occurs in the "Import Bookmarks" functionality, where malicious HTML files can be uploaded containing JavaScript payloads. These payloads...

CVE-2024-56507 Reflected Cross-Site Scripting (XSS) Vulnerability in LinkAce

LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a reflected cross-site scripting XSS vulnerability exists in the LinkAce. This issue occurs in the "URL" field of the "Edit Link" module, where user input is not properly sanitized or encoded before bein...

CVE-2024-56507 Reflected Cross-Site Scripting (XSS) Vulnerability in LinkAce

LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a reflected cross-site scripting XSS vulnerability exists in the LinkAce. This issue occurs in the "URL" field of the "Edit Link" module, where user input is not properly sanitized or encoded before bein...

CVE-2024-56507

CVE-2024-56507 : A reflected Cross-Site Scripting (XSS) vulnerability exists in LinkAce prior to version 1.15.6, specifically in the Edit Link module’s URL field where input is reflected in the HTML response. The issue allows injection and execution of arbitrary JavaScript in a victim’s browser, ...

CVE-2024-56507 Reflected Cross-Site Scripting (XSS) Vulnerability in LinkAce

LinkAce is a self-hosted archive to collect links of your favorite websites. Prior to 1.15.6, a reflected cross-site scripting XSS vulnerability exists in the LinkAce. This issue occurs in the "URL" field of the "Edit Link" module, where user input is not properly sanitized or encoded before bein...

LinkAce 安全漏洞

LinkAce is a self-hosted archive of links to your favorite websites by Kevin Woblick Personal Developer. A security vulnerability exists in LinkAce versions prior to 1.15.6. An attacker exploiting this vulnerability could upload a malicious HTML file containing a JavaScript payload...

PT-2024-36823 · Linkace · Linkace

Name of the Vulnerable Software and Affected Versions: LinkAce versions prior to 1.15.6 Description: The issue occurs in the "Import Bookmarks" functionality, where malicious HTML files can be uploaded containing JavaScript payloads. These payloads execute when the uploaded links are accessed,...

PT-2024-36822 · Linkace · Linkace

Name of the Vulnerable Software and Affected Versions: LinkAce versions prior to 1.15.6 Description: A reflected cross-site scripting XSS issue exists in the "URL" field of the "Edit Link" module, where user input is not properly sanitized or encoded before being reflected in the HTML response...

LinkAce 安全漏洞

LinkAce is a self-hosted archive of links to your favorite websites by Kevin Woblick Personal Developer. A security vulnerability exists in LinkAce versions prior to 1.15.6 that stems from user input that is not properly cleaned or encoded before being reflected in an HTML response. An attacker...