CVE-2024-1143

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in maven/com.linecorp.centraldogma/centraldogma-server

Identifiers

GHSA-34q3-p352-c7q8, CVE-2024-1143

Package Slug

maven/com.linecorp.centraldogma/centraldogma-server

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

Central Dogma versions prior to 0.64.0 are vulnerable to Cross-Site Scripting (XSS), which could allow the leakage of user sessions and subsequent authentication bypass.

Affected Versions

All versions before 0.64.0

Solution

Upgrade to version 0.64.0 or above.

Last Modified

2024-02-05
