5 matches found
CVE-2024-37619
StrongShop v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the specgroupid parameter at /spec/index.blade.php...
CVE-2024-37619
StrongShop v1.0 was discovered to contain a reflected cross-site scripting XSS vulnerability via the specgroupid parameter at /spec/index.blade.php...
CVE-2024-37619
CVE-2024-37619 affects StrongShop v1.0. A reflected cross-site scripting (XSS) vulnerability exists in the /spec/index.blade.php endpoint, exploitable via the parameter spec_group_id . The provided sources consistently describe a reflected XSS issue originating from that parameter, with no public...
CVE-2024-37621
StrongShop v1.0 was discovered to contain a Server-Side Template Injection SSTI vulnerability via the component /shippingOptionConfig/index.blade.php...
CVE-2024-37621
CVE-2024-37621 affects StrongShop v1.0, with a Server-Side Template Injection (SSTI) vulnerability in the component /shippingOptionConfig/index.blade.php. The connected sources explicitly identify the vulnerable element and software version, but do not provide any confirmed exploit details, affec...