CVE-2024-34058

Description

The WebTop package for NethServer 7 and 8 allows stored XSS (for example, via the Subject field if an e-mail message).

References

https://www.openwall.com/lists/oss-security/2024/05/16/3

http://www.openwall.com/lists/oss-security/2024/05/16/3 ([oss-security] 20240516 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package) mailing-list

http://seclists.org/fulldisclosure/2024/May/27 (20240520 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package) mailing-list

cve.org CVE-2024-34058

nvd.nist.gov CVE-2024-34058

Download JSON