Vulnerability CVE-2024-47817
Published: 2024-10-07   Modified: 2024-10-08

Description:
Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values passed to a paragraph widget are not valid and contain a specific set of characters, applications are vulnerable to XSS attack against a user who opens a page on which a paragraph widget is rendered. Users are advised to upgrade to the appropriate fix versions detailed in the advisory metadata. There are no known workarounds for this vulnerability.

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://github.com/lara-zeus/dynamic-dashboard/security/advisories/GHSA-c6cw-g7fc-4gwc
https://github.com/lara-zeus/artemis/commit/3a3f9dd8a706af569c5581b20dcfeff91a43b9d9
https://github.com/lara-zeus/dynamic-dashboard/commit/adfb4b1cdfdaa01299631f0e569ce201a7cc545a
Copyright 2024, cxsecurity.com

 

Back to Top