CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-23505

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DearHive PDF Viewer & 3D PDF Flipbook – DearPDF allows Stored XSS.This issue affects PDF Viewer & 3D PDF Flipbook – DearPDF: from n/a through 2.0.38.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.7%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2024-23505

Dearhive » Dearpdf » Version: 1.0.116

cpe:2.3:a:dearhive:dearpdf:1.0.116
Dearhive » Dearpdf » Version: 1.0.76

cpe:2.3:a:dearhive:dearpdf:1.0.76
Dearhive » Dearpdf » Version: 1.0.89

cpe:2.3:a:dearhive:dearpdf:1.0.89
Dearhive » Dearpdf » Version: 1.0.92

cpe:2.3:a:dearhive:dearpdf:1.0.92
Dearhive » Dearpdf » Version: 1.1.75

cpe:2.3:a:dearhive:dearpdf:1.1.75
Dearhive » Dearpdf » Version: 1.1.84

cpe:2.3:a:dearhive:dearpdf:1.1.84
Dearhive » Dearpdf » Version: 1.2.61

cpe:2.3:a:dearhive:dearpdf:1.2.61
Dearhive » Dearpdf » Version: 1.2.62

cpe:2.3:a:dearhive:dearpdf:1.2.62
Dearhive » Dearpdf » Version: 2.0.30

cpe:2.3:a:dearhive:dearpdf:2.0.30
Dearhive » Dearpdf » Version: 2.0.38

cpe:2.3:a:dearhive:dearpdf:2.0.38

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-23505

Products

Pricing

Contact Us