CVE-2024-57277 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

InnoShop V.0.3.8 and below is vulnerable to Cross Site Scripting (XSS) via SVG file upload.
Medium CVSS: 5.7

CVE-2024-57277

InnoShop V.0.3.8 and below is vulnerable to Cross Site Scripting (XSS) via SVG file upload.
Vendor
-
Product
-
CWE
CWE-79
Yayın Tarihi
2025-01-24 20:15:33
Güncelleme
2026-04-15 00:35:42
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-79 MEDIUM 2025

Referanslar

https://github.com/innocommerce/innoshop/commit/7ccc90d2b549e14460efc4f758b01adbd080e7ff https://github.com/innocommerce/innoshop/issues/115 https://github.com/yamerooo123/ResearchNBugBountyEncyclopedia/blob/main/Researches/Innocommerce/Findings.md https://youtu.be/ved96wsIYlQ