CVE-2024-4216

pgAdmin <= 8.5 is affected by XSS vulnerability in /settings/store API response json payload. This vulnerability allows attackers to execute malicious script at the client end.

References

Affected packages

Git / github.com/pgadmin-org/pgadmin4

Affected ranges

Type

GIT

Repo

https://github.com/pgadmin-org/pgadmin4

Events

Introduced

Fixed

99c688f89403a4d47c156b601b40b7e0e0746d00

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "8.6"
        }
    ]
}

Affected versions

Other

REL-1_0

REL-1_0-BETA1

REL-1_0-BETA2

REL-1_0-BETA3

REL-1_0-BETA4

REL-1_0-RC1

REL-1_1

REL-1_2

REL-1_3

REL-1_4

REL-1_5

REL-1_6

REL-2_0

REL-2_0-RC1

REL-2_0-RC2

REL-2_1

REL-3_0

REL-3_1

REL-3_2

REL-3_3

REL-3_4

REL-3_5

REL-3_6

REL-4_0

REL-4_1

REL-4_10

REL-4_11

REL-4_12

REL-4_13

REL-4_14

REL-4_15

REL-4_16

REL-4_17

REL-4_18

REL-4_19

REL-4_2

REL-4_20

REL-4_21

REL-4_22

REL-4_23

REL-4_24

REL-4_25

REL-4_26

REL-4_27

REL-4_28

REL-4_29

REL-4_3

REL-4_30

REL-4_4

REL-4_5

REL-4_6

REL-4_7

REL-4_8

REL-4_9

REL-5_0

REL-5_1

REL-5_2

REL-5_3

REL-5_4

REL-5_5

REL-5_6

REL-5_7

REL-6_0

REL-6_1

REL-6_10

REL-6_11

REL-6_12

REL-6_13

REL-6_14

REL-6_15

REL-6_16

REL-6_17

REL-6_18

REL-6_19

REL-6_2

REL-6_20

REL-6_21

REL-6_3

REL-6_4

REL-6_5

REL-6_6

REL-6_7

REL-6_8

REL-6_9

REL-7_0

REL-7_1

REL-7_2

REL-7_3

REL-7_4

REL-7_5

REL-7_6

REL-7_7

REL-7_8

REL-8_0

REL-8_1

REL-8_2

REL-8_3

REL-8_4

REL-8_5

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "40"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-4216.json"