Skip to main content

Serenity

1 CVEs product

Monthly

CVE-2024-26318 LIB MEDIUM PATCH This Month

Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Serenity
NVD
CVSS 3.1
6.1
EPSS
0.4%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Serenity
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy