Cross Site Scripting (XSS) vulnerability in Friendica versions after v.2023.12, allows a remote attacker to execute arbitrary code and obtain sensitive information via the BBCode tags in the post content and post comments function.
CVSS
No CVSS.
References
Link | Resource |
---|---|
https://github.com/friendica/friendica/issues/13884 |
Configurations
No configuration.
History
03 Apr 2024, 12:38
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
03 Apr 2024, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-03 03:15
Updated : 2024-04-03 12:38
NVD link : CVE-2024-26495
Mitre link : CVE-2024-26495
CVE.ORG link : CVE-2024-26495
JSON object : View
Products Affected
No product.
CWE
No CWE.