PT-2024-27345 · Unknown · Metersphere

Mia0A-Hi

·

Published

2024-06-11

·

Updated

2025-09-04

·

CVE-2024-37161

CVSS v3.1

6.1

Medium

VectorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions MeterSphere versions prior to 1.10.1-lts
Description The system's step editor in MeterSphere stores cross-site scripting vulnerabilities.
Recommendations For versions prior to 1.10.1-lts, update to version 1.10.1-lts to resolve the issue.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2024-37161
GHSA-6H7V-Q5RP-H6Q9

Affected Products

Metersphere