CVE-2024-43408
CVSS V2 None
CVSS V3 None
Description
Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7.
Overview
- CVE ID
- CVE-2024-43408
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-08-20T16:28:48.424Z
- Last Modified Date
- 2024-08-20T16:28:48.424Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/discourse/discourse-placeholder-theme-component/security/advisories/GHSA-9wx4-cmv3-g5jw | x_refsource_CONFIRM |
| https://github.com/discourse/discourse-placeholder-theme-component/commit/a62f711d5600e4e5d86f342d52932cb6221672e7 | x_refsource_MISC |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-43408 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-43408 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-08-21 13:18:01 | Added to TrackCVE |