4 matches found
CVE-2024-37488
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in HelloAsso HelloAsso helloasso.This issue affects HelloAsso: from n/a through = 1.1.9...
CVE-2024-37488
The CVE-2024-37488 entry concerns HelloAsso for WordPress (HelloAsso plugin) with versions up to 1.1.9. The connected documents indicate an “Authenticated Stored Cross-Site Scripting” vulnerability caused by improper input neutralization during web page generation, which can enable stored XSS whe...
CVE-2024-37488 WordPress HelloAsso plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in HelloAsso allows Stored XSS.This issue affects HelloAsso: from n/a through 1.1.9...
WordPress HelloAsso Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)
Software HelloAsso Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37488 Patch priority Low CVSS severity Low 6.5 Developer HelloAsso PSID 06d0e3dad62d Credits justakazh Required privilege Contributor Publishe...