Lucene search
+L

6 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/09/19 3:46 p.m.11 views

Security Bulletin: IBM Maximo Application Suite uses tinymce-6.8.3.tgz which is vulnerable to CVE-2024-38357, CVE-2024-38356

Summary IBM Maximo Application Suite uses tinymce-6.8.3.tgz which is vulnerable to CVE-2024-38357, CVE-2024-38356. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-38357 DESCRIPTION: TinyMCE is vulnerable to cross-site scripting,...

6.1CVSS6AI score0.00529EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/09/06 8:31 a.m.17 views

Security Bulletin: There is a vulnerability in tinymce-6.8.1.min.js used by IBM Maximo Asset Management application (CVE-2024-38357, CVE-2024-38356)

Summary There is a vulnerability in tinymce-6.8.1.min.js used by IBM Maximo Asset Management application. Vulnerability Details CVEID:CVE-2024-38357 DESCRIPTION: TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the noscript elements. A remote...

6.1CVSS6AI score0.00529EPSS
Exploits0Affected Software11
Debian CVE
Debian CVE
added 2024/06/19 8:3 p.m.43 views

CVE-2024-38357

Removed by vendor...

6.1CVSS7AI score0.00529EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/06/19 3:7 p.m.6 views

@arkxio/ark-ui (>=0.1.0 <=0.1.18), @arkxio/ark-ui-src (=0.1.0) +39 more potentially affected by CVE-2024-38357 via tinymce (>=6.0.0 <=6.8.3)

tinymce NPM version =6.0.0, =0.1.0, =0.1.19, =0.1.0, =0.1.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.7 and more Source cves: CVE-2024-38357 Source advisory: OSV:GHSA-W9JX-4G6G-RP7X...

6.1CVSS6.8AI score0.00529EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/06/19 3:7 p.m.7 views

@ifanrx/dashboard (>=0.1.1 <=1.3.0-alpha-20240730001), @ithinkdt/editor (>=3.4.11 <=3.5.0) +1 more potentially affected by CVE-2024-38357 via tinymce (>=7.0.1 <=7.1.2)

tinymce NPM version =7.0.1, =0.1.1, =3.4.11, =3.0.7, =3.4.0-5 Source cves: CVE-2024-38357 Source advisory: OSV:GHSA-W9JX-4G6G-RP7X...

6.1CVSS6.8AI score0.00529EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/06/19 3:7 p.m.5 views

bpp-iplweb (>=202304.1100.0 <=202504.1174.0), django-saas-email (>=0.1.21 <=0.1.29) +8 more potentially affected by CVE-2024-38357 via django-tinymce (>=1.5.1b4 <=3.7.1)

django-tinymce PYPI version =1.5.1b4, =202304.1100.0, =0.1.21, =0.8.0, =3.3.3, =0.6.0, =0.1.3.2, =1.0.0b1, =0.3.0, =0.5.2 - zinnia-wysiwyg-tinymce =1.4.0 Source cves: CVE-2024-38357 Source advisory: OSV:GHSA-W9JX-4G6G-RP7X...

6.1CVSS6.8AI score0.00529EPSS
Exploits0
Rows per page
Query Builder