CVE-2024-47765: Minecraft MOTD Parser's HtmlGenerator vulnerable to XSS
(updated )
The HtmlGenerator class is subject to potential cross-site scripting (XSS) attack through a parsed malformed Minecraft server MOTD.
References
- github.com/advisories/GHSA-q898-frwq-f3qp
- github.com/jgniecki/MinecraftMotdParser
- github.com/jgniecki/MinecraftMotdParser/blob/0412f68eeb91729a00444a8d6c00c45623884aa5/src/Generator/HtmlGenerator.php
- github.com/jgniecki/MinecraftMotdParser/blob/0412f68eeb91729a00444a8d6c00c45623884aa5/src/Generator/HtmlGenerator.php
- github.com/jgniecki/MinecraftMotdParser/commit/b0ab9d68a964cd3d74977f39a9e7af0a94509f7c
- github.com/jgniecki/MinecraftMotdParser/security/advisories/GHSA-q898-frwq-f3qp
- nvd.nist.gov/vuln/detail/CVE-2024-47765
Code Behaviors & Features
Detect and mitigate CVE-2024-47765 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →