3 matches found
CVE-2023-24811
Misskey (open source social platform) has a cross-site scripting (XSS) flaw in the URL preview feature affecting versions prior to 13.3.2, caused by insufficient URL validation. Arbitrary JavaScript can execute when a malicious URL is loaded via the View in Player or View in Window previews. The ...
CVE-2023-24811 Cross site scripting (XSS) vulnerability using url preview in Misskey
Misskey is an open source, decentralized social media platform. In versions prior to 13.3.2 the URL preview function is subject to a cross site scripting vulnerability due to insufficient URL validation. Arbitrary JavaScript is executed when a malicious URL is loaded in the View in Player or View...
CVE-2023-24811 Cross site scripting (XSS) vulnerability using url preview in Misskey
Misskey is an open source, decentralized social media platform. In versions prior to 13.3.2 the URL preview function is subject to a cross site scripting vulnerability due to insufficient URL validation. Arbitrary JavaScript is executed when a malicious URL is loaded in the View in Player or View...