Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Apr 18, 2024· Updated Nov 4, 2025

CVE-2024-30921

CVE-2024-30921

Description

Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the photo.php component.

Affected products

2

DerbyNet/DerbyNetdescription
DerbyNet/DerbyNetllm-fuzzy
Range: <=9.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

chocapikk.com/posts/2024/derbynet-vulnerabilities/mitre

News mentions

0

No linked articles in our index yet.