5 matches found
CVE-2024-43408
Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7...
CVE-2024-43408 Discourse Placeholder Forms has a XSS stopped by CSP
Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7...
CVE-2024-43408 Discourse Placeholder Forms has a XSS stopped by CSP
Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7...
CVE-2024-43408 Discourse Placeholder Forms has a XSS stopped by CSP
Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7...
PT-2024-30565 · Discourse · Discourse Placeholder Forms
Name of the Vulnerable Software and Affected Versions: Discourse Placeholder Forms affected versions not specified Description: The issue allows the creation of dynamic documentation but is affected by the injection of unsanitized and stored user input into the HTML of a post. This can potentiall...