VYPR
Moderate severityNVD Advisory· Published Jan 24, 2025· Updated Feb 6, 2025

CVE-2024-57041

CVE-2024-57041

Description

A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
nodebbnpm
< 3.11.13.11.1

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.