CVE-2024-23186

CVSS V2 None CVSS V3 None
Description
E-Mail containing malicious display-name information could trigger client-side script execution when using specific mobile devices. Attackers could perform malicious API requests or extract information from the users account. Please deploy the provided updates and patch releases. We now use safer methods of handling external content when embedding displayname information to the web interface. No publicly available exploits are known.
Overview
  • CVE ID
  • CVE-2024-23186
  • Assigner
  • OX
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-05-06T06:36:38.440Z
  • Last Modified Date
  • 2024-06-04T17:45:38.374Z
History
Created Old Value New Value Data Type Notes
2024-06-26 06:52:53 Added to TrackCVE