Executive Summary

Information
Name: CVE-2024-51434
Vendor: Cve
First vendor publication: 2024-11-07
Last vendor modification: 2024-11-08

Security-Database Scoring CVSS v3

CVSS vector: N/A
Overall CVSS score: NA
Base score: NA
Impact subscore: NA
Exploitability subscore: NA
Environmental score: NA
Temporal score: NA

Security-Database Scoring CVSS v2

CVSS vector:
CVSS base score: N/A
CVSS impact score: N/A
CVSS exploit score: N/A
Attack range: N/A
Attack complexity: N/A
Authentication: N/A

Detail

Inconsistent tag parsing allows for XSS in Froala WYSIWYG editor 4.3.0 and earlier.

Original Source

Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-51434

Sources (Detail)

Source Url: https://georgyg.com/home/froala-wysiwyg-editor---xss-cve-2024-51434/

Alert History

2024-11-08 21:27:29: Multiple Updates
2024-11-08 00:27:37: First insertion