CVE-2024-35655

MEDIUM5.9EPSS 0.11%

發布日:2024/7/18修改日:2024/11/27

描述

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brave Brave Popup Builder allows Stored XSS.This issue affects Brave Popup Builder: from n/a through 0.6.9.

受影響套件(2)

Bitnami/wordpressfrom 0, < 0.7.0
Bitnami/wordpress-multisitefrom 0, < 0.7.0

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM5.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

參考連結(1)

WEBhttps://patchstack.com/database/vulnerability/brave-popup-builder/wordpress-brave-interactive-content-plugin-0-6-8-cross-site-scripting-xss-vulnerability?_s_id=cve