Assigner | mitre |
Reserved | 2024-04-30 |
Published | 2024-05-17 |
Updated | 2024-06-10 |
Description
The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field if an e-mail message).
References
https://www.openwall.com/lists/oss-security/2024/05/16/3
http://www.openwall.com/lists/oss-security/2024/05/16/3 ([oss-security] 20240516 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package)
http://seclists.org/fulldisclosure/2024/May/27 (20240520 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package)