9 matches found
CVE-2024-27728
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the text parameter of the babel debug feature...
CVE-2024-27731
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the lack of file type filtering in the file attachment parameter...
CVE-2024-27730
Insecure Permissions vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information and execute arbitrary code via the cid parameter of the calendar event feature...
CVE-2024-27728
CVE-2024-27728 is a Cross Site Scripting vulnerability affecting Friendica version 2023.12. The issue allows a remote attacker to obtain sensitive information via the text parameter of the babel debug feature. Several sources (NVD, Red Hat, OSV, CVE list entries, and PT Security) corroborate this...
CVE-2024-27729
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature...
CVE-2024-27730
CVE-2024-27730 – Normal mode Affected product: Friendica v2023.12. Vulnerability: Insecure Permissions allowing a remote attacker to obtain sensitive information and execute arbitrary code via the cid parameter of the calendar event feature. Impact: High (per CVSS 3.1 metrics: CVSS:3.1/AV:N/AC:L/...
CVE-2024-27728
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the text parameter of the babel debug feature...
CVE-2024-27729
Cross Site Scripting vulnerability in Friendica v.2023.12 allows a remote attacker to obtain sensitive information via the location parameter of the calendar event feature...
CVE-2024-27729
CVE-2024-27729 describes a Cross Site Scripting vulnerability in the Friendica 2023.12 calendar event feature, where an attacker can obtain sensitive information via the calendar event’s location parameter. The affected software is Friendica (version 2023.12) and the underlying issue is a reflect...