Vulnerability Details CVE-2024-37629
SummerNote v0.9.1 is vulnerable to Cross Site Scripting (XSS) via the Code View Function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.6%
CVSS Severity
CVSS v3 Score 6.1
References
- https://github.com/summernote/summernote/issues/4642
- https://github.com/summernote/summernote/releases/tag/v0.9.1
- https://grumpz.net/cve-2024-37629-simple-xss-payload-exploits-0day-vulnerability-in-10000-web-apps
- https://github.com/summernote/summernote/issues/4642
- https://grumpz.net/cve-2024-37629-simple-xss-payload-exploits-0day-vulnerability-in-10000-web-apps
Products affected by CVE-2024-37629
-
cpe:2.3:a:summernote:summernote:0.8.18