CVE-2024-43408 — MEDIUM (6.3)

Vulnerability Description

Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f342d52932cb6221672e7.

CVSS Score

6.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2024-43408?

CVE-2024-43408 is a vulnerability with a CVSS score of 6.3 (MEDIUM). Discourse Placeholder Forms will let you build dynamic documentation. Unsanitized and stored user input was injected in the html of the post. The vulnerability is fixed in commit a62f711d5600e4e5d86f3...

How severe is CVE-2024-43408?

CVE-2024-43408 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-43408?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.