Cross-Site Scripting Vulnerability in Roundup Tracker Software by Roundup
CVE-2024-39126

5.4MEDIUM

Key Information:

Vendor

Roundup-tracker

Status
Roundup
Vendor
CVE Published:
17 July 2024

What is CVE-2024-39126?

A vulnerable version of Roundup Tracker prior to 2.4.0 permits attackers to exploit a Cross-Site Scripting (XSS) flaw through malicious JavaScript embedded in PDF, XML, and SVG documents. This vulnerability could result in unauthorized access or manipulation of sensitive information, posing a risk to users who interact with affected content.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.roundup-tracker.org
https://www.roundup-tracker.org/docs/security.html#cve-an...

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.