6 matches found
CVE-2024-51603
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mirceatm NMR Strava activities nmr-strava-activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through = 1.0.7...
CVE-2024-51603
creationtimestamp| type| source ---|---|--- 2024-11-09 14:32:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113453480890896239 2024-11-09 17:16:31+00:00| seen| https://t.me/cvedetector/10397...
CVE-2024-51603 WordPress NMR Strava activities plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mirceatm NMR Strava activities nmr-strava-activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through = 1.0.7...
CVE-2024-51603 WordPress NMR Strava activities plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mirceatm NMR Strava activities nmr-strava-activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through = 1.0.7...
CVE-2024-51603
CVE-2024-51603 affects the WordPress plugin NMR Strava activities up to version 1.0.6. It is a DOM-based XSS caused by improper input neutralization during page generation. Exploitation details are not provided in the documents; success could lead to attacker-supplied script executing in a victim...
WordPress NMR Strava activities Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)
Software NMR Strava activities Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51603 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e4915bebbc1d Credits SOPROBRO Required privilege...