paragbagul111/CVE-2024-33209

Releases0

FlatPress 1.3. is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the context of a victim's web browser.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-33209 ↗	Oct 2, 2024Wednesday, 2 October 2024, 16:15	5.4 MEDIUM	—
FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the context of a victim's web browser.