Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:34 a.m.12 views

CVE-2024-13141

A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotel...

5.4CVSS5.3AI score0.00386EPSS
Exploits1References1
NVD
NVD
added 2025/01/05 3:15 p.m.24 views

CVE-2024-13141

A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotel...

5.4CVSS0.00386EPSS
Exploits1References4
Circl
Circl
added 2025/01/05 2:38 p.m.11 views

CVE-2024-13141

creationtimestamp| type| source ---|---|--- 2025-01-05 14:38:41+00:00| seen| https://infosec.exchange/users/cve/statuses/113776257997595115 2025-01-05 15:15:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3leyvxorzav2o 2025-01-05 15:38:11+00:00|...

5.4CVSS4.4AI score0.00386EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/01/05 2:31 p.m.28 views

CVE-2024-13141 osuuu LightPicture SVG File Upload upload cross site scripting

A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotel...

5.3CVSS0.00386EPSS
Exploits1References4
CVE
CVE
added 2025/01/05 2:31 p.m.88 views

CVE-2024-13141

LightPicture (osuuu) up to v1.2.2 is affected by a cross-site scripting vulnerability in /api/upload of the SVG File Upload Handler, caused by unsanitized handling of the uploaded file parameter. The issue can be exploited remotely and has been publicly disclosed. The PT-2025-2027 entry recommend...

5.4CVSS3.9AI score0.00386EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/01/05 2:31 p.m.10 views

CVE-2024-13141 osuuu LightPicture SVG File Upload upload cross site scripting

A vulnerability classified as problematic was found in osuuu LightPicture up to 1.2.2. This vulnerability affects unknown code of the file /api/upload of the component SVG File Upload Handler. The manipulation of the argument file leads to cross site scripting. The attack can be initiated remotel...

5.3CVSS3.9AI score0.00386EPSS
Exploits1References6
Rows per page
Query Builder