How severe is CVE-2024-43370?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.2 out of 10.

What type of vulnerability is CVE-2024-43370?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2024-43370

HIGH Year: 2024

CVSS v3 Score

7.2

High

Weakness Type

CWE-79

View all →

Vulnerability Description

gettext.js is a GNU gettext port for node and the browser. There is a cross-site scripting (XSS) injection if `.po` dictionary definition files are corrupted. This vulnerability has been patched in version 2.0.3. As a workaround, control the origin of the definition catalog to prevent the use of this flaw in the definition of plural forms.

CVE-2016-1000115

HIGH

CVSS:7.2(High)

Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS

CWE-792016

CVE-2016-1000116

HIGH

CVSS:7.2(High)

Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS

CWE-792016

CVE-2016-1000117

HIGH

CVSS:7.2(High)

XSS & SQLi in HugeIT slideshow v1.0.4

CWE-792016

CVE-2016-1000118

HIGH

CVSS:7.2(High)

XSS & SQLi in HugeIT slideshow v1.0.4

CWE-792016

CVE-2016-1000119

HIGH

CVSS:7.2(High)

SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla

CWE-792016

CVE-2016-15041

HIGH

CVSS:7.2(High)

The MainWP Dashboard – The Private WordPress Manager for Multiple Website Maintenance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘mwp_setup_purchase_username’ parameter ...

CWE-792016

CVE-2024-43370

Vulnerability Description

Related Vulnerabilities

CVE-2016-1000115

CVE-2016-1000116

CVE-2016-1000117

CVE-2016-1000118

CVE-2016-1000119

CVE-2016-15041