Count: 2
CVE-2024-37156
more than 1 year ago
The SuluFormBundle adds support for creating dynamic forms in Sulu Admin. The TokenController get parameter formName is not sanitized in the returned input field which leads to XSS. This vulnerability is fixed in 2.5.3.
CVSS3: 6.1
EPSS: Low
GHSA-rrvc-c7xg-7cf3
more than 1 year ago
TokenController formName not sanitized in hidden input
CVSS3: 6.1
EPSS: Low
| Vulnerability | CVSS | EPSS | Published |
|---|---|---|---|
| CVE-2024-37156 The SuluFormBundle adds support for creating dynamic forms in Sulu Admin. The TokenController get parameter formName is not sanitized in the returned input field which leads to XSS. This vulnerability is fixed in 2.5.3. | CVSS3: 6.1 | 1% Low | more than 1 year ago |
| GHSA-rrvc-c7xg-7cf3 TokenController formName not sanitized in hidden input | CVSS3: 6.1 | 1% Low | more than 1 year ago |