Lucene search
+L

9 matches found

Vulnrichment
Vulnrichment
added 2024/08/15 12:0 a.m.15 views

CVE-2024-27728

Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the text parameter of the babel debug feature...

6.1AI score0.00308EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/08/15 12:0 a.m.10 views

CVE-2024-27731

Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the lack of file type filtering in the file attachment parameter...

6.1AI score0.00298EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/08/15 12:0 a.m.15 views

CVE-2024-27730

Insecure Permissions vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information and execute arbitrary code via the cid parameter of the calendar event feature...

7.5AI score0.00804EPSS
Exploits1References2
CVE
CVE
added 2024/08/15 12:0 a.m.61 views

CVE-2024-27728

CVE-2024-27728 is a Cross Site Scripting vulnerability affecting Friendica version 2023.12. The issue allows a remote attacker to obtain sensitive information via the text parameter of the babel debug feature. Several sources (NVD, Red Hat, OSV, CVE list entries, and PT Security) corroborate this...

6.1CVSS6.1AI score0.00308EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/08/15 12:0 a.m.14 views

CVE-2024-27729

Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature...

6.3AI score0.0037EPSS
Exploits1References2
CVE
CVE
added 2024/08/15 12:0 a.m.65 views

CVE-2024-27730

CVE-2024-27730 – Normal mode Affected product: Friendica v2023.12. Vulnerability: Insecure Permissions allowing a remote attacker to obtain sensitive information and execute arbitrary code via the cid parameter of the calendar event feature. Impact: High (per CVSS 3.1 metrics: CVSS:3.1/AV:N/AC:L/...

9.8CVSS7.7AI score0.00804EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/08/15 12:0 a.m.32 views

CVE-2024-27728

Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the text parameter of the babel debug feature...

0.00308EPSS
Exploits1References2
OSV
OSV
added 2024/08/15 12:0 a.m.8 views

CVE-2024-27729

Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature...

7.4CVSS6AI score0.0037EPSS
Exploits1References4
CVE
CVE
added 2024/08/15 12:0 a.m.65 views

CVE-2024-27729

CVE-2024-27729 describes a Cross Site Scripting vulnerability in the Friendica 2023.12 calendar event feature, where an attacker can obtain sensitive information via the calendar event’s location parameter. The affected software is Friendica (version 2023.12) and the underlying issue is a reflect...

7.4CVSS6.1AI score0.0037EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder