Skip to content

Commit

Permalink
generated content from 2024-10-12
Browse files Browse the repository at this point in the history
  • Loading branch information
@github-actions
github-actions[bot] committed Oct 12, 2024
1 parent 718c171 commit f563c1f
Show file tree
Hide file tree
Showing 133 changed files with 3,036 additions and 0 deletions.
132 changes: 132 additions & 0 deletions mapping.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -251659,3 +251659,135 @@ vulnerability,CVE-2024-6157,vulnerability--1ef7239c-1b62-4ace-9479-f7391138ccf4
vulnerability,CVE-2024-6747,vulnerability--e0d7ddd8-ec4d-4186-ac42-ef6c1146a085
vulnerability,CVE-2024-6530,vulnerability--adf915b7-3a60-4a6c-8658-6831d0213716
vulnerability,CVE-2023-25581,vulnerability--a9d7817b-647e-4e94-8237-78588a134a2b
vulnerability,CVE-2024-48768,vulnerability--0cd1e98b-1f1c-4146-a266-593e2ea4489e
vulnerability,CVE-2024-48787,vulnerability--1214266e-fe49-4e28-bce6-d107aae70d3c
vulnerability,CVE-2024-48938,vulnerability--551eb97a-5b82-4a87-a164-df8f6e708971
vulnerability,CVE-2024-48770,vulnerability--5bd59af2-a5d1-48e1-9bca-b0d8efed466b
vulnerability,CVE-2024-48813,vulnerability--53476778-8ed8-444a-af5e-56bf7014959c
vulnerability,CVE-2024-48774,vulnerability--e7d54ddb-3735-4a5a-b6f7-f23ca79462e3
vulnerability,CVE-2024-48786,vulnerability--dbdc8c0d-c872-4d6c-8201-6351678cb662
vulnerability,CVE-2024-48777,vulnerability--f2340006-575e-43e6-8aaf-67a185619258
vulnerability,CVE-2024-48784,vulnerability--4e2042a8-9ad8-4023-9585-564db138dbcc
vulnerability,CVE-2024-48041,vulnerability--5964bf16-0900-4525-b5c3-ad8de753320e
vulnerability,CVE-2024-48771,vulnerability--ea0a73bf-c4ac-4bce-89f1-72b242f84f08
vulnerability,CVE-2024-48772,vulnerability--af8c44ad-b81d-4ea4-875e-a02f64cc85d6
vulnerability,CVE-2024-48775,vulnerability--c5c76314-e978-41e8-bd93-d90e1ff4bdc8
vulnerability,CVE-2024-48776,vulnerability--79420ece-4210-4bd3-b1bb-35a407338eaa
vulnerability,CVE-2024-48040,vulnerability--fad3745f-1967-4e43-b300-329a5c950f22
vulnerability,CVE-2024-48773,vulnerability--1140c2d3-a4b7-482a-a34d-8451147723bc
vulnerability,CVE-2024-48937,vulnerability--9378d2dc-0b70-4b9b-97d5-6bcfcb05e7dd
vulnerability,CVE-2024-48778,vulnerability--9519b884-3250-4ce4-abde-51a89c85ffd0
vulnerability,CVE-2024-48987,vulnerability--1b79e9bf-e8d0-4886-aaf5-9fb33a2e44a8
vulnerability,CVE-2024-48033,vulnerability--6f948463-e81c-4115-a6f3-1f9d7023d268
vulnerability,CVE-2024-48827,vulnerability--5b37a9e3-afd7-4c60-9385-984253968f64
vulnerability,CVE-2024-48769,vulnerability--5aac113e-1121-429e-9011-e58be3731ac5
vulnerability,CVE-2024-48020,vulnerability--954172ea-bbbe-4635-8190-783d8dfc2381
vulnerability,CVE-2024-48788,vulnerability--cfe6a7e9-a764-431b-bc38-36d5dbb10fb0
vulnerability,CVE-2024-45396,vulnerability--a7faa529-da2e-4e5e-b5f1-e8e4290002b0
vulnerability,CVE-2024-45397,vulnerability--42e266c7-e802-48b5-935b-188c1e80093e
vulnerability,CVE-2024-45754,vulnerability--717d41d7-4239-4fd6-b2d1-ba8f1f4dd715
vulnerability,CVE-2024-45402,vulnerability--71468f81-ffa3-4a28-8a44-55837ebcb9d8
vulnerability,CVE-2024-45184,vulnerability--575cf715-72e8-4937-8863-56fa1ed3cbba
vulnerability,CVE-2024-45317,vulnerability--954afa5b-a8ec-4ea4-9010-6060e2879d6b
vulnerability,CVE-2024-45316,vulnerability--014b0dac-9009-4aa1-9017-947d609b08e6
vulnerability,CVE-2024-45403,vulnerability--07f3e948-ad9c-4cb0-92a6-bf7792c1d6f0
vulnerability,CVE-2024-45315,vulnerability--0e1e0292-8883-429d-9727-7a1cc8c47c3c
vulnerability,CVE-2024-9587,vulnerability--79b6183f-c22f-4e22-84cd-84d8039b197f
vulnerability,CVE-2024-9616,vulnerability--6174e937-1ebe-4e53-b8bf-a8253d3a47e3
vulnerability,CVE-2024-9539,vulnerability--a7740811-1ac2-4dc2-880d-b205159ad4b2
vulnerability,CVE-2024-9856,vulnerability--11dff401-abfe-4b1a-8b7f-3e8e091d9c16
vulnerability,CVE-2024-9507,vulnerability--76bd8b1d-bb36-4205-838e-549573b30389
vulnerability,CVE-2024-9211,vulnerability--a7f43c4d-cf69-4a83-9f6d-b2f0c281415b
vulnerability,CVE-2024-9538,vulnerability--e3476462-be4d-4257-9f92-38683ed3f1e2
vulnerability,CVE-2024-9436,vulnerability--08b0f65a-6754-4221-94db-76e6ff27b941
vulnerability,CVE-2024-9002,vulnerability--58b83c3e-fe32-45c8-b9b8-bb91bedbd6e5
vulnerability,CVE-2024-9046,vulnerability--989d2ae6-0690-4e68-9cf3-2839fc63361f
vulnerability,CVE-2024-9232,vulnerability--cc033313-ab5f-4c06-a79b-0f6a2036ce93
vulnerability,CVE-2024-9859,vulnerability--3948dea5-a91a-45de-9305-15c9b0c57ac1
vulnerability,CVE-2024-9346,vulnerability--7e30f124-cb3d-45d8-ba17-279423daac7b
vulnerability,CVE-2024-9221,vulnerability--e0398495-59f8-405f-9d3c-52a232d22fe2
vulnerability,CVE-2024-9234,vulnerability--51770cab-536c-4bf9-b80b-73f233d14c7a
vulnerability,CVE-2024-9822,vulnerability--d6f564ef-37c4-410f-aa24-780f11d38a38
vulnerability,CVE-2024-9051,vulnerability--133390f0-e919-4cac-81f3-3a7e059514df
vulnerability,CVE-2024-9543,vulnerability--8f38026e-2504-4f6e-880b-7739e494453b
vulnerability,CVE-2024-9855,vulnerability--1504c7ec-a424-4602-9aea-9cc7b355fd4e
vulnerability,CVE-2024-9586,vulnerability--070fee5a-10a8-4c86-973d-d31202b32946
vulnerability,CVE-2024-9611,vulnerability--e0db63f2-9ded-49ce-b361-9db5875efd80
vulnerability,CVE-2024-9707,vulnerability--5496f42a-b1cb-47f0-966c-2f837ecbb44d
vulnerability,CVE-2024-9164,vulnerability--5e08ce05-0c1a-4de1-9fed-fe987d650239
vulnerability,CVE-2024-9610,vulnerability--41c91d00-3e34-42b7-a1bd-afe1876ff76b
vulnerability,CVE-2024-39534,vulnerability--c87acf80-b70e-4688-a70d-3383eadd0964
vulnerability,CVE-2024-39547,vulnerability--28af7eb0-1ec0-42d0-85a3-648de82e595a
vulnerability,CVE-2024-39563,vulnerability--ed944f74-6bf2-4ea5-a3e6-1e87807571d6
vulnerability,CVE-2024-39527,vulnerability--9eea23fd-77aa-4f09-a387-5af5cdb919dc
vulnerability,CVE-2024-39544,vulnerability--3584fca1-0d19-4456-b7db-7747470c3efc
vulnerability,CVE-2024-39526,vulnerability--e5e43c1a-71b1-4768-90c1-6b54ddf18452
vulnerability,CVE-2024-47494,vulnerability--bb265ab2-f354-488c-84e2-6352c30078e7
vulnerability,CVE-2024-47503,vulnerability--422d370e-905e-441d-9006-fdee74fed037
vulnerability,CVE-2024-47353,vulnerability--f7a196f6-4463-4e33-b7bc-2f98f71669ac
vulnerability,CVE-2024-47506,vulnerability--68b3c929-da49-492c-accf-01ba309715da
vulnerability,CVE-2024-47504,vulnerability--c338742f-e168-4180-84f7-ea58503ae8f1
vulnerability,CVE-2024-47331,vulnerability--91d6ccff-b7ff-4113-aaf8-8d60c9a72542
vulnerability,CVE-2024-47074,vulnerability--5e425cec-fdc9-493d-be06-6125f89d96ab
vulnerability,CVE-2024-47501,vulnerability--b6083a88-3eef-4203-b8f9-7a9680f480e0
vulnerability,CVE-2024-47498,vulnerability--465ee296-c329-4534-836e-806014bb2aa1
vulnerability,CVE-2024-47489,vulnerability--01978481-74d2-46e6-bbc5-e70a1e0be699
vulnerability,CVE-2024-47491,vulnerability--420a0a18-5917-43ef-85de-0b8f62bc7e24
vulnerability,CVE-2024-47496,vulnerability--91ef0970-42cc-48ed-a256-15dd4771d4ad
vulnerability,CVE-2024-47493,vulnerability--bac0c840-f0f7-4a67-9712-3236ff334564
vulnerability,CVE-2024-47508,vulnerability--95a69c44-ff60-44c7-af33-a0a4521f8c93
vulnerability,CVE-2024-47507,vulnerability--7ed631c6-3d11-4841-b6ea-dad15bc57ba2
vulnerability,CVE-2024-47875,vulnerability--c185845e-095f-48d9-beb0-58eef9579172
vulnerability,CVE-2024-47830,vulnerability--79fe9ca9-b871-4ff6-abeb-2cd9c773d212
vulnerability,CVE-2024-47509,vulnerability--898394cd-fe8c-40c6-9a68-662ae1a6c5e1
vulnerability,CVE-2024-47499,vulnerability--bb246c76-ddb3-4ca6-92e2-d7c011ffb26e
vulnerability,CVE-2024-47495,vulnerability--eee889a9-0df9-4475-8757-f14593477caf
vulnerability,CVE-2024-47497,vulnerability--27a3a597-8061-4acc-9153-4612a34aea47
vulnerability,CVE-2024-47884,vulnerability--e16458da-6f88-4fc5-9e37-44672fdb8190
vulnerability,CVE-2024-47505,vulnerability--5186c52f-9f6a-437a-930b-a8c24024168d
vulnerability,CVE-2024-47877,vulnerability--735f8c12-deea-4b5d-b31c-eb8462b6608d
vulnerability,CVE-2024-47502,vulnerability--bd33eb02-a56b-428d-b254-c494d6d5e7b5
vulnerability,CVE-2024-47490,vulnerability--d6ecc807-b75e-482b-9d70-d7c43fbc0515
vulnerability,CVE-2024-7514,vulnerability--740f0b52-0e0b-44a1-a8d9-ec1cbc6a0e38
vulnerability,CVE-2024-25622,vulnerability--ded0ced1-7ca9-441b-ba09-191d92d644c0
vulnerability,CVE-2024-44731,vulnerability--da0dd700-4b01-47b7-aaae-6d2dc2c2cca9
vulnerability,CVE-2024-44415,vulnerability--8af3e7ec-ae31-4ab0-9b95-bbe7ef2f3e01
vulnerability,CVE-2024-44730,vulnerability--873747bc-36b2-4a19-98b6-2c928a4d4e62
vulnerability,CVE-2024-44413,vulnerability--c1f08be0-ac14-46fc-83d8-a3f6e7f4b36b
vulnerability,CVE-2024-44734,vulnerability--87df13a5-c6af-4efc-846c-89fcf487c8d7
vulnerability,CVE-2024-44157,vulnerability--a443514e-a99d-4925-b60f-c60881b57af7
vulnerability,CVE-2024-44807,vulnerability--b0669b6c-5765-4749-9254-309460ce2853
vulnerability,CVE-2024-44414,vulnerability--619b09f9-7d84-49a6-bbfc-ddc9756d595a
vulnerability,CVE-2024-44729,vulnerability--aa739d0b-6c0a-4641-8245-241cab773906
vulnerability,CVE-2024-33580,vulnerability--90eeba39-3e49-45b1-894d-7fdb17a9400d
vulnerability,CVE-2024-33579,vulnerability--0635e67e-d2d2-494f-a080-b7865dd5d1fd
vulnerability,CVE-2024-33578,vulnerability--41b7c499-81f4-44d2-8855-b943eec3ab47
vulnerability,CVE-2024-33581,vulnerability--d4971ba3-075f-4396-a8bb-0f8d22b1c7e9
vulnerability,CVE-2024-33582,vulnerability--ac51cab0-b43b-4229-8516-80f21a360dc4
vulnerability,CVE-2024-8755,vulnerability--48a9f276-5e0c-46af-b855-12bfb953fd75
vulnerability,CVE-2024-8530,vulnerability--9bd42e73-efb3-414a-ba3e-304b98a393c0
vulnerability,CVE-2024-8376,vulnerability--c36214ef-d2ac-4401-8cf9-16a1075b16ee
vulnerability,CVE-2024-8913,vulnerability--2dcaf230-e27e-49c8-a079-52efbbf16914
vulnerability,CVE-2024-8912,vulnerability--ec0e3761-3160-4263-ae47-ac0cea3ac301
vulnerability,CVE-2024-8531,vulnerability--738c165e-3ccd-4639-b96d-1b946241af99
vulnerability,CVE-2024-8970,vulnerability--e51e908c-dd35-49ce-aa03-250d65a27a22
vulnerability,CVE-2024-38365,vulnerability--205e2102-1f09-4b0e-89bc-bf8cbb9d41bb
vulnerability,CVE-2024-21534,vulnerability--cc0a3fe4-55a5-478c-bd3e-a18f1c45a9d6
vulnerability,CVE-2024-35517,vulnerability--8fd4883c-c3fc-465f-8619-5f1d3007c2a5
vulnerability,CVE-2024-35522,vulnerability--4ef4e58d-5e56-48c6-ac4a-0f6da11ec1d1
vulnerability,CVE-2024-46088,vulnerability--064a4f74-e00e-4897-9442-8b6d73e12562
vulnerability,CVE-2024-46215,vulnerability--726c07d9-2fdd-4893-b0c6-f828e4258951
vulnerability,CVE-2024-46532,vulnerability--8c2acedc-06f2-416c-9b44-c7b253c08631
vulnerability,CVE-2024-46468,vulnerability--6bbbf3eb-0e16-47df-b732-1cb9c374e598
vulnerability,CVE-2024-42018,vulnerability--8d58d50b-278b-4739-9453-fd8359b78fe9
vulnerability,CVE-2024-42640,vulnerability--ea50bfed-c8f8-4f5e-9f87-537da716325c
vulnerability,CVE-2024-4132,vulnerability--5f9086af-5ca5-4776-a20c-b844a264bc53
vulnerability,CVE-2024-4130,vulnerability--43de79c9-b263-4885-9102-03ba3c24f217
vulnerability,CVE-2024-4131,vulnerability--f7ba37ae-b1b8-4518-8a92-332e690dc9c3
vulnerability,CVE-2024-4089,vulnerability--7d44dc4f-9d94-474b-ae63-d82cc6ff66a3
vulnerability,CVE-2024-5005,vulnerability--597dc0f1-f527-4269-9cb0-0c6a5260e26a
vulnerability,CVE-2024-5474,vulnerability--1a1cceb8-9f45-423b-a7e7-e5d31f3409b0
vulnerability,CVE-2024-6657,vulnerability--5691183e-94e8-4ca6-b65d-886578bf7eac
vulnerability,CVE-2024-6985,vulnerability--62df728c-db9f-4f8f-8a6f-484ff81bcfa8
vulnerability,CVE-2024-6971,vulnerability--c4a926a4-d121-4d5d-bcf9-92ae1e1b527b
vulnerability,CVE-2023-42133,vulnerability--d755b487-a2d0-4aa4-baba-4ef55e0b7b41
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--014b0dac-9009-4aa1-9017-947d609b08e6.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--a5cc1a11-0589-4586-a0e7-704353b78a36",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--014b0dac-9009-4aa1-9017-947d609b08e6",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-10-12T01:41:13.979671Z",
"modified": "2024-10-12T01:41:13.979671Z",
"name": "CVE-2024-45316",
"description": "The Improper link resolution before file access ('Link Following') vulnerability in SonicWall Connect Tunnel (version 12.4.3.271 and earlier of Windows client) allows users with standard privileges to delete arbitrary folders and files, potentially leading to local privilege escalation attack.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-45316"
}
]
}
]
}
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--01978481-74d2-46e6-bbc5-e70a1e0be699.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--0bccab36-e0cd-4733-84da-66cda9074df5",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--01978481-74d2-46e6-bbc5-e70a1e0be699",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-10-12T01:41:14.158261Z",
"modified": "2024-10-12T01:41:14.158261Z",
"name": "CVE-2024-47489",
"description": "An Improper Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of the Juniper Networks Junos OS Evolved on ACX Series devices allows an unauthenticated, network based attacker sending specific transit protocol traffic to cause a partial Denial of Service (DoS) to downstream devices.\n\nReceipt of specific transit protocol packets is incorrectly processed by the Routing Engine (RE), filling up the DDoS protection queue which is shared between routing protocols. This influx of transit protocol packets causes DDoS protection violations, resulting in protocol flaps which can affect connectivity to networking devices.\n\nThis issue affects both IPv4 and IPv6. This issue does not require any specific routing protocol to be configured or enabled.\n\nThe following commands can be used to monitor the DDoS protection queue:\n\n       labuser@re0> show evo-pfemand host pkt-stats\n\n    labuser@re0> show host-path ddos all-policers\n\nThis issue affects Junos OS Evolved: \n\n\n\n * All versions before 21.4R3-S8-EVO, \n * from 22.2 before 22.2R3-S4-EVO, \n * from 22.3 before 22.3R3-S4-EVO, \n * from 22.4 before 22.4R3-S3-EVO, \n * from 23.2 before 23.2R2-EVO, \n * from 23.4 before 23.4R1-S1-EVO, 23.4R2-EVO, \n * from 24.2 before 24.2R2-EVO.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-47489"
}
]
}
]
}
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--0635e67e-d2d2-494f-a080-b7865dd5d1fd.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--ead7390b-3906-4707-a883-64fe3cc2b934",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--0635e67e-d2d2-494f-a080-b7865dd5d1fd",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-10-12T01:41:14.574696Z",
"modified": "2024-10-12T01:41:14.574696Z",
"name": "CVE-2024-33579",
"description": "A DLL hijack vulnerability was reported in Lenovo Baiying that could allow a local attacker to execute code with elevated privileges.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-33579"
}
]
}
]
}
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--064a4f74-e00e-4897-9442-8b6d73e12562.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--6ffe6b66-23ec-4ecf-9366-5c8821ab2bfb",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--064a4f74-e00e-4897-9442-8b6d73e12562",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-10-12T01:41:15.3706Z",
"modified": "2024-10-12T01:41:15.3706Z",
"name": "CVE-2024-46088",
"description": "An arbitrary file upload vulnerability in the ProductAction.entphone interface of Zhejiang University Entersoft Customer Resource Management System v2002 to v2024 allows attackers to execute arbitrary code via uploading a crafted file.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-46088"
}
]
}
]
}
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--070fee5a-10a8-4c86-973d-d31202b32946.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--f86760ae-79ab-49df-aa72-ec2b150f8e0b",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--070fee5a-10a8-4c86-973d-d31202b32946",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-10-12T01:41:14.046703Z",
"modified": "2024-10-12T01:41:14.046703Z",
"name": "CVE-2024-9586",
"description": "The Linkz.ai plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'check_auth' and 'check_logout' functions in versions up to, and including, 1.1.8. This makes it possible for unauthenticated attackers to update plugin settings.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-9586"
}
]
}
]
}
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--07f3e948-ad9c-4cb0-92a6-bf7792c1d6f0.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--f8bb5d4f-1381-4d86-b1a2-6643da3af36f",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--07f3e948-ad9c-4cb0-92a6-bf7792c1d6f0",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-10-12T01:41:13.982503Z",
"modified": "2024-10-12T01:41:13.982503Z",
"name": "CVE-2024-45403",
"description": "h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When h2o is configured as a reverse proxy and HTTP/3 requests are cancelled by the client, h2o might crash due to an assertion failure. The crash can be exploited by an attacker to mount a Denial-of-Service attack. By default, the h2o standalone server automatically restarts, minimizing the impact. However, HTTP requests that were served concurrently will still be disrupted. The vulnerability has been addressed in commit 1ed32b2. Users may disable the use of HTTP/3 to mitigate the issue.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-45403"
}
]
}
]
}
22 changes: 22 additions & 0 deletions objects/vulnerability/vulnerability--08b0f65a-6754-4221-94db-76e6ff27b941.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
{
"type": "bundle",
"id": "bundle--6ec267a0-0c63-4128-8349-f34674cd0c54",
"objects": [
{
"type": "vulnerability",
"spec_version": "2.1",
"id": "vulnerability--08b0f65a-6754-4221-94db-76e6ff27b941",
"created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
"created": "2024-10-12T01:41:14.014146Z",
"modified": "2024-10-12T01:41:14.014146Z",
"name": "CVE-2024-9436",
"description": "The PublishPress Revisions: Duplicate Posts, Submit, Approve and Schedule Content Changes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.5.14. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.",
"external_references": [
{
"source_name": "cve",
"external_id": "CVE-2024-9436"
}
]
}
]
}
Loading

0 comments on commit f563c1f

Please sign in to comment.