Executive Summary

Informations
Name CVE-2024-27926 First vendor Publication 2024-03-21
Vendor Cve Last vendor Modification 2024-03-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

RSSHub is an open source RSS feed generator. Starting in version 1.0.0-master.cbbd829 and prior to version 1.0.0-master.d8ca915, ahen the specially crafted image is supplied to the internal media proxy, it proxies the image without handling XSS vulnerabilities, allowing for the execution of arbitrary JavaScript code. Users who access the deliberately constructed URL are affected. This vulnerability was fixed in version 1.0.0-master.d8ca915. No known workarounds are available.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27926

Sources (Detail)

https://github.com/DIYgod/RSSHub/commit/4d3e5d79c1c17837e931b4cd253d2013b487aa87
https://github.com/DIYgod/RSSHub/security/advisories/GHSA-2wqw-hr4f-xrhh
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2024-03-22 02:47:09
  • Multiple Updates
2024-03-22 02:47:08
  • Multiple Updates
2024-03-21 21:27:27
  • Multiple Updates
2024-03-21 09:27:29
  • First insertion