Security Advisory

CVE-2024-57329

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-23 00:00:00

Last updated 2025-01-24 21:15:46

Assigner mitre

State PUBLISHED

Description

HortusFox v3.9 contains a stored XSS vulnerability in the "Add Plant" function. The name input field does not sanitize or escape user inputs, allowing attackers to inject and execute arbitrary JavaScript payloads.

← Browse all CVEs View on cve.org ↗