Количество 2
Количество 2
CVE-2024-41675
CKAN is an open-source data management system for powering data hubs and data portals. The Datatables view plugin did not properly escape record data coming from the DataStore, leading to a potential XSS vector. Sites running CKAN >= 2.7.0 with the datatables_view plugin activated. This is a plugin included in CKAN core, that not activated by default but it is widely used to preview tabular data. This vulnerability has been fixed in CKAN 2.10.5 and 2.11.0.
GHSA-r3jc-vhf4-6v32
CKAN has Cross-site Scripting vector in the Datatables view plugin
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-41675 CKAN is an open-source data management system for powering data hubs and data portals. The Datatables view plugin did not properly escape record data coming from the DataStore, leading to a potential XSS vector. Sites running CKAN >= 2.7.0 with the datatables_view plugin activated. This is a plugin included in CKAN core, that not activated by default but it is widely used to preview tabular data. This vulnerability has been fixed in CKAN 2.10.5 and 2.11.0. | CVSS3: 6.8 | 1% Низкий | больше 1 года назад |
| GHSA-r3jc-vhf4-6v32 CKAN has Cross-site Scripting vector in the Datatables view plugin | CVSS3: 6.8 | 1% Низкий | больше 1 года назад |
Уязвимостей на страницу