First published: Sun Oct 06 2024(Updated: )
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through 4.9.9.1.
Credit: audit@patchstack.com
Affected Software | Affected Version | How to fix |
---|---|---|
Tribulant Software Newsletters | <=4.9.9.1 | |
WordPress Newsletters | <=4.9.9.1 |
Update to 4.9.9.2 or a higher version.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2024-47346 is classified as a reflected cross-site scripting (XSS) vulnerability.
To fix CVE-2024-47346, update Tribulant Newsletters to version 4.9.9.2 or later.
CVE-2024-47346 affects all versions of Tribulant Newsletters from n/a through 4.9.9.1.
Exploiting CVE-2024-47346 could allow attackers to execute scripts in the context of the user's session.
Yes, CVE-2024-47346 also affects WordPress Newsletters versions from n/a through 4.9.9.1.