CVE-2024-45960
- Source
- https://cve.org/CVERecord?id=CVE-2024-45960
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45960.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-45960
- Aliases
- Published
- 2024-10-02T20:15:11.067Z
- Modified
- 2026-04-10T05:17:54.338430Z
- Severity
-
- 4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack.
- References
Affected packages
Git / github.com/tribalsystems/zenario
Affected versions
7.*
7.0.2e
7.0.3a
7.0.4b
7.0.5b
7.0.5c
7.0.6a
7.0.6b
7.0.7a
7.0.7b
7.0.7c
7.0.7d
7.0.7e
7.1.0
7.1.1
7.1.2
7.2.0
7.2.1
7.2.2
7.2.3
7.3.0
7.4.0
7.4.1
7.4.2
7.4.3
7.4.4
7.5.0
7.5.40440
7.5.41006
7.5.41499
7.6.41504
7.6.41633
7.6.42085
7.7.42682
7.7.42963
7.7.42990
7.7.44223
8.*
8.0.44237
8.0.44273
8.0.44294
8.0.44521
8.0.45032
8.0.45250
8.0.45529
8.1.45530
8.1.45698
8.1.46089
8.1.46433
8.2.46436
8.2.46614
8.2.47180
8.2.47369
8.2.47992
8.3.47997
8.3.48583
8.3.50564
8.4.50565
8.5.50567
8.5.50837
8.5.51340
8.6.51342
8.7
8.8
8.8.53370
8.8.53725
8.9.54063
8.9.54149
8.9.54153
9.*
9.0.54156
9.0.55141
9.1.55143
9.1.55510
9.1.55619
9.2
9.2.55826
9.2.57169
9.3.57186
9.3.57474
9.3.57595
9.3.57709
9.3.57754
9.3.58670
9.4.58686
9.4.59197
9.4.59574
9.5.59574
9.5.59647
9.5.60240
9.5.60437
9.5.60602
9.6.60604
9.6.60771
9.6.61188
9.7.61188