Vulnerability Details CVE-2024-27278
OpenPNE Plugin "opTimelinePlugin" 1.2.11 and earlier contains a cross-site scripting vulnerability. On the site which uses the affected product, when a user configures the profile with some malicious contents, an arbitrary script may be executed on the web browsers of other users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.9%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2024-27278
-
cpe:2.3:a:openpne:optimelineplugin:*