Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-50810

Nov. 12, 2024, 1:56 p.m.

Tags

cve@mitre.org
2024-11-08
CVE-2024-50810

Product(s) Impacted

hopetree izone lts

Description

hopetree izone lts c011b48 contains a Cross Site Scripting (XSS) vulnerability in the article comment function. In \apps\comment\views.py, AddCommintView() does not securely filter user input and renders it directly to the frontend page through templates.

Weaknesses

Date

Published: Nov. 8, 2024, 7:15 p.m.

Last Modified: Nov. 12, 2024, 1:56 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References

https://github.com/ cve@mitre.org