CVE-2024-37161

MEDIUM Year: 2024
CVSS v3 Score
4.0
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

MeterSphere is an open source continuous testing platform. Prior to version 1.10.1-lts, the system's step editor stores cross-site scripting vulnerabilities. Version 1.10.1-lts fixes this issue.

Related Vulnerabilities

CVE-2018-11352

MEDIUM
CVSS:4.0(Medium)

The Wallabag application 2.2.3 to 2.3.2 is affected by one cross-site scripting (XSS) vulnerability that is stored within the configuration page. This vulnerability enables the execution of a JavaScri...

CWE-792018

CVE-2019-4148

MEDIUM
CVSS:4.0(Medium)

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering t...

CWE-792019

CVE-2022-0704

MEDIUM
CVSS:4.0(Medium)

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.4.0.

CWE-792022

CVE-2022-2365

MEDIUM
CVSS:4.0(Medium)

Cross-site Scripting (XSS) - Stored in GitHub repository zadam/trilium prior to 0.53.3.

CWE-792022

CVE-2023-1429

MEDIUM
CVSS:4.0(Medium)

Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.5.19.

CWE-792023

CVE-2023-1517

MEDIUM
CVSS:4.0(Medium)

Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pimcore prior to 10.5.19.

CWE-792023