CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-34831

cross-site scripting (XSS) vulnerability in Gibbon Core v26.0.00 allows an attacker to execute arbitrary code via the imageLink parameter in the library_manage_catalog_editProcess.php component.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.6%

CVSS Severity

CVSS v3 Score 6.1

References

https://github.com/enzored/CVE-2024-34831

Products affected by CVE-2024-34831

Gibbonedu » Gibbon » Version: 26.0.00

cpe:2.3:a:gibbonedu:gibbon:26.0.00

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-34831

Products

Pricing

Contact Us