CVE-2024-23192

Name of the Vulnerable Software and Affected Versions No specific software name or affected versions are mentioned in the provided descriptions.

Description The issue concerns RSS feeds that contain malicious data attributes, which could be used to inject script code into a user's browser session. This could happen when reading compromised RSS feeds or when users are lured to compromised accounts. Attackers could perform malicious API requests or extract information from the user's account. The descriptions mention that potentially malicious attributes are now removed from external RSS content, and no publicly available exploits are known.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.