CVE-2024-37845

MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the Active Process Command feature...

CVE-2024-37846

MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...

CVE-2024-37847

An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file...

CVE-2024-37844

A stored cross-site scripting XSS vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2024-37847

An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file...

CVE-2024-37847

An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file...

CVE-2024-37846

MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...

CVE-2024-37846

MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...

CVE-2024-37845

MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the Active Process Command feature...

CVE-2024-37845

MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution RCE vulnerability via the Active Process Command feature...

CVE-2024-37844

A stored cross-site scripting XSS vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2024-37844

A stored cross-site scripting XSS vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

MangoOS 安全漏洞

MangoOS is an open source JavaScript object-oriented programming library from Automattic. A security vulnerability exists in MangoOS versions prior to 5.1.4 and Mango API versions prior to 4.5.5, which originates from an arbitrary file upload and allows attackers to execute arbitrary code via a...

CVE-2024-37844

MangoOS is affected by a stored XSS vulnerability prior to version 5.2.0. The issue allows an attacker to execute arbitrary web scripts or HTML via a crafted payload, impacting web interfaces. Affected: MangoOS before 5.2.0. Root cause: stored XSS in the web context. Impact: potential data exposu...

PT-2024-27779 · Mangoos · Mangoos

Name of the Vulnerable Software and Affected Versions: MangoOS versions prior to 5.2.0 Description: The issue is an authenticated remote code execution RCE vulnerability via the Active Process Command feature. Recommendations: For versions prior to 5.2.0, update to version 5.2.0 or later to resol...

PT-2024-27780 · Mangoos · Mangoos

Name of the Vulnerable Software and Affected Versions: MangoOS versions prior to 5.2.0 Description: The issue is related to a Client-Side Template Injection CSTI vulnerability. This vulnerability can be exploited via the Platform Management Edit page. Recommendations: For versions prior to 5.2.0,...

MangoOS 安全漏洞

MangoOS is an open source JavaScript object-oriented programming library from Automattic. A security vulnerability exists in MangoOS versions prior to 5.2.0, which stems from authenticated Remote Code Execution RCE via the Active Process Command feature...

MangoOS 安全漏洞

MangoOS is an open source JavaScript object-oriented programming library from Automattic. A security vulnerability exists in MangoOS versions prior to 5.2.0, which stems from vulnerability to a stored cross-site scripting attack that allows an attacker to execute arbitrary web script or HTML via ...

CVE-2024-37846

MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection CSTI vulnerability via the Platform Management Edit page...

PT-2024-27778 · Mangoos · Mangoos

Name of the Vulnerable Software and Affected Versions: MangoOS versions prior to 5.2.0 Description: A stored cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For versions prior to 5.2.0, update to version 5.2.0 or lat...