PT-2024-25571 · Unknown · Codename065 Sliding Widgets

Dimas Maulana

·

Published

2024-05-02

·

Updated

2024-05-14

·

CVE-2024-33938

CVSS v3.1

6.5

Medium

VectorAV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions codename065 Sliding Widgets versions 1.5.0 and earlier
Description The issue is related to a Missing Authorization vulnerability that allows Cross-Site Scripting (XSS) in codename065 Sliding Widgets.
Recommendations For versions 1.5.0 and earlier, update to a version that includes the fix for this issue, as no specific workaround is provided.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2024-33938

Affected Products

Codename065 Sliding Widgets