CVE-2024-34707
CVE-2024-34707 affects Nautobot where an admin user can modify BANNER_TOP, BANNER_BOTTOM, and BANNER_LOGIN via the /admin/constance/config/ endpoint, enabling insertion of arbitrary HTML and potentially stored XSS across Nautobot pages. Multiple connected sources confirm this risk and describe th...