VYPR
Medium severity6.1NVD Advisory· Published Mar 19, 2025· Updated Jun 17, 2026

CVE-2024-55009

CVE-2024-55009

Description

A reflected cross-site scripting (XSS) vulnerability in AutoBib - Bibliographic collection management system 3.1.140 and earlier allows attackers to execute arbitrary Javascript in the context of a victim's browser via injecting a crafted payload into the WCE=topFrame&WCU= parameter.

Affected products

2
  • AutoBib/AutoBib - Bibliographic collection management systemdescription
  • AutoBib/AutoBibllm-create
    Range: <=3.1.140

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.