CVE-2024-5165

CVE-2024-5165 affects Eclipse Ditto 3.0.0–3.5.5. The Eclipse Ditto Explorer UI allowed user inputs to be improperly neutralized, enabling both Reflected and Stored XSS. Some inputs are only stored in local browser storage (UI settings/search queries), causing Reflected XSS; others are persisted i...