Vulnerability Description
Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values passed to a paragraph widget are not valid and contain a specific set of characters, applications are vulnerable to XSS attack against a user who opens a page on which a paragraph widget is rendered. Users are advised to upgrade to the appropriate fix versions detailed in the advisory metadata. There are no known workarounds for this vulnerability.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://github.com/lara-zeus/artemis/commit/3a3f9dd8a706af569c5581b20dcfeff91a43
- https://github.com/lara-zeus/dynamic-dashboard/commit/adfb4b1cdfdaa01299631f0e56
- https://github.com/lara-zeus/dynamic-dashboard/security/advisories/GHSA-c6cw-g7f
FAQ
What is CVE-2024-47817?
CVE-2024-47817 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values pa...
How severe is CVE-2024-47817?
CVE-2024-47817 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-47817?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.