Количество 2
Количество 2
CVE-2024-28434
The CRM platform Twenty is vulnerable to stored cross site scripting via file upload in version 0.3.0. A crafted svg file can trigger the execution of the javascript code.
GHSA-x7hp-f23m-66mj
The CRM platform Twenty is vulnerable to stored cross site scripting via file upload in version 0.3.0. A crafted svg file can trigger the execution of the javascript code.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-28434 The CRM platform Twenty is vulnerable to stored cross site scripting via file upload in version 0.3.0. A crafted svg file can trigger the execution of the javascript code. | CVSS3: 7.6 | 0% Низкий | почти 2 года назад |
| GHSA-x7hp-f23m-66mj The CRM platform Twenty is vulnerable to stored cross site scripting via file upload in version 0.3.0. A crafted svg file can trigger the execution of the javascript code. | CVSS3: 7.6 | 0% Низкий | почти 2 года назад |
Уязвимостей на страницу