Lucene search
+L

4 matches found

NVD
NVD
added 2024/06/12 3:15 p.m.18 views

CVE-2024-37304

NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight...

6.1CVSS0.00656EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/12 2:27 p.m.31 views

CVE-2024-37304 NuGetGallery's Markdown Autolinks Processing Vulnerable to Cross-site Scripting

NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight...

6.1CVSS0.00656EPSS
Exploits0References3
CVE
CVE
added 2024/06/12 2:27 p.m.47 views

CVE-2024-37304

CVE-2024-37304 concerns NuGetGallery, the NuGet.org frontend/back-end, where Markdown autolinks were not properly sanitized. The vulnerability allows XSS via autolinks such as , since autolinks can be rendered with insufficient sanitization despite standard JavaScript link filtering. A patch was ...

6.1CVSS6AI score0.00656EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2024/06/12 2:27 p.m.20 views

CVE-2024-37304 NuGetGallery's Markdown Autolinks Processing Vulnerable to Cross-site Scripting

NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight...

6.1CVSS5.6AI score0.00656EPSS
Exploits0References5
Rows per page
Query Builder