Vulnerability Description
A vulnerability classified as problematic has been found in OpenTibiaBR MyAAC up to 0.8.16. Affected is an unknown function of the file system/pages/forum/new_post.php of the component Post Reply Handler. The manipulation of the argument post_topic leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as bf6ae3df0d32fa22552bb44ca4f8489a6e78cc1c. It is recommended to apply a patch to fix this issue.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opentibiabr | Myaac | <= 0.8.16 |
Related Weaknesses (CWE)
References
- https://github.com/opentibiabr/myaac/issues/121Exploit
- https://github.com/opentibiabr/myaac/pull/122Issue TrackingPatch
- https://github.com/opentibiabr/myaac/pull/122/commits/bf6ae3df0d32fa22552bb44ca4Patch
- https://vuldb.com/?ctiid.277434Permissions Required
- https://vuldb.com/?id.277434Permissions Required
- https://vuldb.com/?submit.406368Third Party Advisory
FAQ
What is CVE-2024-8783?
CVE-2024-8783 is a vulnerability with a CVSS score of 3.5 (LOW). A vulnerability classified as problematic has been found in OpenTibiaBR MyAAC up to 0.8.16. Affected is an unknown function of the file system/pages/forum/new_post.php of the component Post Reply Hand...
How severe is CVE-2024-8783?
CVE-2024-8783 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-8783?
Check the references section above for vendor advisories and patch information. Affected products include: Opentibiabr Myaac.