Количество 2
Количество 2
CVE-2024-27290
Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, a user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The vulnerability has been patched in version 1.4.97 of the master branch.
GHSA-pcfx-g2j2-f6f6
Docassemble HTML and javascript injection
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-27290 Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, a user could type HTML into a field, including the field for the user's name, and then that HTML could be displayed on the screen as HTML. The vulnerability has been patched in version 1.4.97 of the master branch. | CVSS3: 6.1 | 0% Низкий | почти 2 года назад |
| GHSA-pcfx-g2j2-f6f6 Docassemble HTML and javascript injection | CVSS3: 6.1 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу