Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
GetgristGrist-core

3 matches found

CVE
CVEadded 2024/12/20 9:15 p.m.44 views

CVE-2024-56359

grist-core is a spreadsheet hosting server. A user visiting a malicious document and clicking on a link in a HyperLink cell using a control modifier (meaning for example Ctrl+click) could have their account compromised, since the link could use the javascript: scheme and be evaluated in the context...

8.1CVSS8AI score0.00065EPSS
CVE
CVEadded 2024/12/20 9:15 p.m.43 views

CVE-2024-56358

grist-core is a spreadsheet hosting server. A user visiting a malicious document and previewing an attachment could have their account compromised, because JavaScript in an SVG file would be evaluated in the context of their current page. This issue has been patched in version 1.3.2. Users are advi...

8.1CVSS8AI score0.00065EPSS
CVE
CVEadded 2024/12/20 9:15 p.m.40 views

CVE-2024-56357

grist-core is a spreadsheet hosting server. A user visiting a malicious document or submitting a malicious form could have their account compromised, because it was possible to use the javascript: scheme with custom widget URLs and form redirect URLs. This issue has been patched in version 1.3.1. U...

8.1CVSS8AI score0.00065EPSS