Mango Security Vulnerabilities and Issues — Mango CVE List

Lucene search

RadixiotMango

4 matches found

CVE•added 2024/10/25 7:15 p.m.•82 views

CVE-2024-37847

An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file.

9.8CVSS7.8AI score0.01179EPSS

CVE•added 2024/10/25 7:15 p.m.•37 views

CVE-2024-37845

MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the Active Process Command feature.

7.2CVSS8.3AI score0.01233EPSS

CVE•added 2024/10/25 7:15 p.m.•36 views

CVE-2024-37844

A stored cross-site scripting (XSS) vulnerability in MangoOS before 5.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

5.4CVSS5.6AI score0.0006EPSS

CVE•added 2024/10/25 7:15 p.m.•36 views

CVE-2024-37846

MangoOS before 5.2.0 was discovered to contain a Client-Side Template Injection (CSTI) vulnerability via the Platform Management Edit page.

9.8CVSS7.6AI score0.00089EPSS