Back

CVE-2024-33209

Oct. 2, 2024, 4:15 p.m.

Received
CVE has been recently published to the CVE List and has been received by the NVD.

Products

FlatPress

  • 1.3

Source

cve@mitre.org

Tags

cve@mitre.org
2024-10-02
CVE-2024-33209

CVE-2024-33209 details

Published : Oct. 2, 2024, 4:15 p.m.
Last Modified : Oct. 2, 2024, 4:15 p.m.

Description

FlatPress v1.3 is vulnerable to Cross Site Scripting (XSS). An attacker can inject malicious JavaScript code into the "Add New Entry" section, which allows them to execute arbitrary code in the context of a victim's web browser.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://github.com/paragbagul111/CVE-2024-33209 cve@mitre.org
This website uses the NVD API, but is not approved or certified by it.