CVE-2024-42818

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT

Description

A cross-site scripting (XSS) vulnerability in the Config-Create function of fastapi-admin pro v0.1.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name parameter.

fastapi-admin/fastapi-admin
fastapi-admin/fastapi-admin
A fast admin dashboard based on FastAPI and TortoiseORM with tabler ui, inspired by Django admin
GitHubGitHub
3.78K