exploitDog

CVE-2024-40124

Опубликовано: 17 апр. 2025

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Pydio Core <= 8.2.5 is vulnerable to Cross Site Scripting (XSS) via the New URL Bookmark feature.

Ссылки

https://gist.github.com/Xib3rR4dAr/711195d5793bfbb4364dc179ecaae25d
Exploit
Third Party Advisory
https://pydio.com/en/community/releases/pydio-core/pydio-core-pydio-enterprise-825-hotfix-824
Patch
https://gist.github.com/Xib3rR4dAr/711195d5793bfbb4364dc179ecaae25d
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pydio:pydio:*:*:*:*:*:*:*:*

Версия до 8.2.5 (включая)

EPSS

Процентиль: 15%

0.00049

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-40124

CVSS3: 5.4

ubuntu

10 месяцев назад

Pydio Core <= 8.2.5 is vulnerable to Cross Site Scripting (XSS) via the New URL Bookmark feature.

CVE-2024-40124

CVSS3: 5.4

debian

10 месяцев назад

Pydio Core <= 8.2.5 is vulnerable to Cross Site Scripting (XSS) via th ...

GHSA-hjvx-hp9r-h988

CVSS3: 5.4

github

10 месяцев назад

Pydio Core <= 8.2.5 is vulnerable to Cross Site Scripting (XSS) via the New URL Bookmark feature.

EPSS

Процентиль: 15%

0.00049

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79