Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS05Y2dmLXB4d3EtMmNwd84AA5ET

Stimulsoft Dashboard.JS Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field.

Permalink: https://github.com/advisories/GHSA-9cgf-pxwq-2cpw
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS05Y2dmLXB4d3EtMmNwd84AA5ET
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 3 months ago
Updated: 2 months ago

CVSS Score: 5.4
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Identifiers: GHSA-9cgf-pxwq-2cpw, CVE-2024-24397
References:

Blast Radius: 1.6

Affected Packages

npm:stimulsoft-dashboards-js

Dependent packages: 0
Dependent repositories: 2
Downloads: 3,687 last month
Affected Version Ranges: < 2024.1.2
Fixed in: 2024.1.2
All affected versions: 2019.2.1, 2019.2.2, 2019.2.3, 2019.3.1, 2019.3.2, 2019.3.3, 2019.3.4, 2019.3.5, 2019.3.6, 2019.3.7, 2019.4.1, 2019.4.2, 2020.1.1, 2020.2.1, 2020.2.2, 2020.2.3, 2020.3.1, 2020.3.2, 2020.4.1, 2020.4.2, 2020.5.1, 2020.5.2, 2021.1.1, 2021.1.2, 2021.2.1, 2021.2.2, 2021.2.3, 2021.2.4, 2021.3.1, 2021.3.2, 2021.3.3, 2021.3.4, 2021.3.5, 2021.3.6, 2021.3.7, 2021.4.1, 2021.4.2, 2021.4.3, 2021.4.4, 2022.1.1, 2022.1.2, 2022.1.3, 2022.1.4, 2022.1.5, 2022.1.6, 2022.2.1, 2022.2.3, 2022.2.4, 2022.2.5, 2022.2.6, 2022.3.1, 2022.3.2, 2022.3.3, 2022.3.4, 2022.3.5, 2022.4.1, 2022.4.2, 2022.4.3, 2022.4.4, 2022.4.5, 2023.1.1, 2023.1.2, 2023.1.3, 2023.1.4, 2023.1.5, 2023.1.6, 2023.1.7, 2023.1.8, 2023.2.1, 2023.2.2, 2023.2.3, 2023.2.4, 2023.2.5, 2023.2.6, 2023.2.7, 2023.2.8, 2023.3.1, 2023.3.2, 2023.3.3, 2023.3.4, 2023.4.1, 2023.4.2, 2023.4.3, 2023.4.4, 2024.1.1
All unaffected versions: 2024.1.2, 2024.1.3, 2024.1.4, 2024.2.1, 2024.2.2, 2024.2.3, 2024.2.4