CVE-2024-37536

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web357 Easy Custom Code LESS/CSS/JS – Live editing allows Stored XSS.This issue affects Easy Custom Code LESS/CSS/JS – Live editing: from n/a through 1.0.8...

PT-2024-27634 · Web357 · Web357 Easy Custom Code

Name of the Vulnerable Software and Affected Versions: Web357 Easy Custom Code LESS/CSS/JS – Live editing versions 1.0.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS...