CVE-2024-28853

CVSS V2 None CVSS V3 None
Description
Ampache is a web based audio/video streaming application and file manager. Stored Cross Site Scripting (XSS) vulnerability in ampache before v6.3.1 allows a remote attacker to execute code via a crafted payload to serval parameters in the post request of /preferences.php?action=admin_update_preferences. This vulnerability is fixed in 6.3.1.
Overview
  • CVE ID
  • CVE-2024-28853
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-03-27T13:17:56.679Z
  • Last Modified Date
  • 2024-03-27T13:17:56.679Z
References
Reference URL Reference Tags
https://github.com/ampache/ampache/security/advisories/GHSA-prw2-7cr3-5mx8 x_refsource_CONFIRM
History
Created Old Value New Value Data Type Notes
2024-06-26 07:51:35 Added to TrackCVE