CVE-2024-8783: OpenTibiaBR MyAAC Post Reply new_post.php cross site scripting
First published: Fri Sep 13 2024(Updated: )
A vulnerability classified as problematic has been found in OpenTibiaBR MyAAC up to 0.8.16. Affected is an unknown function of the file system/pages/forum/new_post.php of the component Post Reply Handler. The manipulation of the argument post_topic leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as bf6ae3df0d32fa22552bb44ca4f8489a6e78cc1c. It is recommended to apply a patch to fix this issue.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenTibiaBR MyAAC | <=0.8.16 |
Remedy
https://github.com/opentibiabr/myaac/pull/122/commits/bf6ae3df0d32fa22552bb44ca4f8489a6e78cc1c
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/references
- agent/title
- agent/first-publish-date
- agent/description
- agent/type
- agent/author
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/last-modified-date
- agent/severity
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- agent/event
- agent/epss
- collector/epss-latest
- source/FIRST
- agent/trending
- vendor/opentibiabr
- canonical/opentibiabr myaac
- version/opentibiabr myaac/0.8.16