CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-29504

Cross Site Scripting vulnerability in Summernote v.0.8.18 and before allows a remote attacker to execute arbtirary code via a crafted payload to the codeview parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.0%

CVSS Severity

CVSS v3 Score 7.6

References

https://gist.github.com/phoenix118go/a9192281efcfa518daa709ab7638712b
https://github.com/summernote/summernote/pull/3782
https://gist.github.com/phoenix118go/a9192281efcfa518daa709ab7638712b
https://github.com/summernote/summernote/pull/3782

Products affected by CVE-2024-29504

Summernote » Summernote » Version: 0.8.18

cpe:2.3:a:summernote:summernote:0.8.18

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-29504

Products

Pricing

Contact Us