CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Hortusfox: >> Hortusfox >> 3.9 Security Vulnerabilities

CVE-2024-57329

HortusFox v3.9 contains a stored XSS vulnerability in the "Add Plant" function. The name input field does not sanitize or escape user inputs, allowing attackers to inject and execute arbitrary JavaScript payloads.

CVSS Score

5.4

EPSS Score

0.001

Published

2025-01-23

Page 1

Vulnerabilities

Vulnerable Software

Hortusfox: >> Hortusfox >> 3.9 Security Vulnerabilities

Products

Pricing

Contact Us