CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-57041

A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.071

EPSS Ranking 91.7%

CVSS Severity

CVSS v3 Score 4.6

References

http://nodebb.com
https://github.com/NodeBB/NodeBB/commit/4e69bff72fd04779064d37e46a43080e6c328adf
https://www.tonysec.com/posts/cve-2024-57041/

Products affected by CVE-2024-57041

Nodebb » Nodebb » Version: 3.11.0

cpe:2.3:a:nodebb:nodebb:3.11.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-57041

Products

Pricing

Contact Us