Unrated severityNVD Advisory· Published Aug 20, 2024· Updated Nov 3, 2024
[20240805] - Core - XSS vectors in Outputfilter::strip* methods
CVE-2024-40743
Description
The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors.
Affected products
1- Range: 3.0.0-3.10.16
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.