logo

Advisories

Weaknesses

Fixes

Requirements

Compliance

CVE-2024-45964 tribalsystems/zenario

Package

Manager: composer
Name: tribalsystems/zenario
Vulnerable Version: >=0 <=9.7.61188

Severity

Level: Low

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P

EPSS: 0.00025 pctl0.0535

Details

Zenario Cross Site Scripting in the Image library Zenario 9.7.61188 is vulnerable to Cross Site Scripting (XSS) in the Image library via the "Organizer tags" field.

Metadata

Created: 2024-10-02T21:30:35Z
Modified: 2024-10-02T22:35:24Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-2cc5-429x-p387/GHSA-2cc5-429x-p387.json
CWE IDs: ["CWE-79"]
Alternative ID: GHSA-2cc5-429x-p387
Finding: F425
Auto approve: 1