Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

Github Security Blog
Github Security Blogadded 2024/12/02 6:34 p.m.14 views

Ibexa Admin UI vulnerable to Cross-site Scripting in a field that is used in the Content name pattern

Impact The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, any existing injected XSS will not run. Patches - See "Patched versions. -...

5.3CVSS6.1AI score0.00246EPSS
Exploits0References6Affected Software1
OSV
OSVadded 2024/12/02 6:34 p.m.6 views

GHSA-8W3P-GF85-QCCH Ibexa Admin UI vulnerable to Cross-site Scripting in a field that is used in the Content name pattern

Impact The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, any existing injected XSS will not run. Patches - See "Patched versions. -...

5.3CVSS5.5AI score0.00246EPSS
Exploits0References6
NVD
NVDadded 2024/11/29 7:15 p.m.13 views

CVE-2024-53864

Ibexa Admin UI Bundle is all the necessary parts to run the Ibexa DXP Back Office interface. The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, an...

5.3CVSS0.00246EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2024/11/29 6:45 p.m.9 views

CVE-2024-53864 Cross-site Scripting in a field that is used in the Content name pattern in ibexa/admin-ui

Ibexa Admin UI Bundle is all the necessary parts to run the Ibexa DXP Back Office interface. The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, an...

5.3CVSS6.1AI score0.00246EPSS
Exploits0References4
CVE
CVEadded 2024/11/29 6:45 p.m.55 views

CVE-2024-53864

CVE-2024-53864 describes an XSS vulnerability in the Ibexa Admin UI Bundle, specifically in the Content name pattern mechanism used to build content names from multiple fields. Exploitation requires content edit permissions, and the issue allows injection of malicious scripts via the Content name...

5.3CVSS5.8AI score0.00246EPSS
Exploits0References4
Cvelist
Cvelistadded 2024/11/29 6:45 p.m.18 views

CVE-2024-53864 Cross-site Scripting in a field that is used in the Content name pattern in ibexa/admin-ui

Ibexa Admin UI Bundle is all the necessary parts to run the Ibexa DXP Back Office interface. The Content name pattern is used to build Content names from one or more fields. An XSS vulnerability has been found in this mechanism. Content edit permission is required to exploit it. After the fix, an...

5.3CVSS0.00246EPSS
Exploits0References4
Rows per page
Query Builder