PT-2024-21960 · Eramba · Eramba
Marko Winkler
·
Published
2024-05-15
·
Updated
2024-07-03
·
CVE-2024-27593
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Eramba versions 3.22.3 through 3.22.3
Description
A stored cross-site scripting (XSS) issue in the Filter function allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the
filter name field.Recommendations
For Eramba version 3.22.3, update to version 3.23.0 to resolve the issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Eramba