Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:13 a.m.8 views

CVE-2024-53273

Habitica is an open-source habit-building program. Versions prior to 5.28.5 are vulnerable to reflected cross-site scripting. The register function in RegisterLoginReset.vue contains a reflected XSS vulnerability due to an incorrect sanitization function. An attacker can specify a malicious...

6.2CVSS5.8AI score0.00447EPSS
Exploits1References1
NVD
NVD
added 2024/12/12 2:15 a.m.11 views

CVE-2024-53273

Habitica is an open-source habit-building program. Versions prior to 5.28.5 are vulnerable to reflected cross-site scripting. The register function in RegisterLoginReset.vue contains a reflected XSS vulnerability due to an incorrect sanitization function. An attacker can specify a malicious...

6.2CVSS0.00447EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/12/11 10:13 p.m.16 views

CVE-2024-53273 GHSL-2024-110: Reflected XSS in /register in habitica

Habitica is an open-source habit-building program. Versions prior to 5.28.5 are vulnerable to reflected cross-site scripting. The register function in RegisterLoginReset.vue contains a reflected XSS vulnerability due to an incorrect sanitization function. An attacker can specify a malicious...

6.2CVSS0.00447EPSS
Exploits1References2
CVE
CVE
added 2024/12/11 10:13 p.m.48 views

CVE-2024-53273

Habitica (open‑source app) has a reflected XSS in the /register path prior to version 5.28.5. The vulnerability arises from an incorrect sanitization in the RegisterLoginReset.vue component, allowing a malicious redirectTo parameter to trigger the attack and potentially gain control of a victim’s...

6.2CVSS5.8AI score0.00447EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/11 10:13 p.m.7 views

CVE-2024-53273 GHSL-2024-110: Reflected XSS in /register in habitica

Habitica is an open-source habit-building program. Versions prior to 5.28.5 are vulnerable to reflected cross-site scripting. The register function in RegisterLoginReset.vue contains a reflected XSS vulnerability due to an incorrect sanitization function. An attacker can specify a malicious...

6.2CVSS5.8AI score0.00447EPSS
Exploits1References2
OSV
OSV
added 2024/12/11 10:13 p.m.7 views

CVE-2024-53273 GHSL-2024-110: Reflected XSS in /register in habitica

Habitica is an open-source habit-building program. Versions prior to 5.28.5 are vulnerable to reflected cross-site scripting. The register function in RegisterLoginReset.vue contains a reflected XSS vulnerability due to an incorrect sanitization function. An attacker can specify a malicious...

6.2CVSS5.8AI score0.00447EPSS
Exploits1References4
Rows per page
Query Builder