CVE-2024-29392: Silverpeas Core vulnerable to Cross Site Scripting

May 22, 2024 (updated November 7, 2024)

Silverpeas Core 6.3 is vulnerable to Cross Site Scripting (XSS) via ClipboardSessionController.

References

gist.github.com/phulelouch/48ee63a7c46078574f3b3dc9a739052c
github.com/Silverpeas/Silverpeas-Core
github.com/advisories/GHSA-9rrw-82r2-623p
nvd.nist.gov/vuln/detail/CVE-2024-29392

Detect and mitigate CVE-2024-29392 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →