CVE-2024-57556: Cross Site Scripting vulnerability in store2

January 24, 2025

Cross Site Scripting vulnerability in nbubna store v.2.14.2 and before allows a remote attacker to execute arbitrary code via the store.deep.js component

References

github.com/advisories/GHSA-w5hq-hm5m-4548
github.com/nbubna/store
github.com/nbubna/store/issues/127
github.com/nbubna/store/pull/128
nvd.nist.gov/vuln/detail/CVE-2024-57556

Detect and mitigate CVE-2024-57556 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →