CVE-2024-34710
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-34710
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-34710.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-34710
- Aliases
- Related
- Published
- 2024-05-20T22:15:08Z
- Modified
- 2025-01-08T16:12:02.908576Z
- Summary
- [none]
- Details
-
Wiki.js is al wiki app built on Node.js. Client side template injection was discovered, that could allow an attacker to inject malicious JavaScript into the content section of pages that would execute once a victim loads the page that contains the payload. This was possible through the injection of a invalid HTML tag with a template injection payload on the next line. This vulnerability is fixed in 2.5.303.
- References
Affected packages
Git / github.com/requarks/wiki
Affected ranges
- Type
- GIT
- Repo
- https://github.com/requarks/wiki
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
2.*
2.0.0-beta.11
2.0.0-beta.115
2.0.0-beta.147
2.0.0-beta.148
2.0.0-beta.174
2.0.0-beta.180
2.0.0-beta.203
2.0.0-beta.208
2.0.0-beta.230
2.0.0-beta.241
2.0.0-beta.267
2.0.0-beta.268
2.0.0-beta.275
2.0.0-beta.303
2.0.0-beta.42
2.0.0-beta.68
2.0.0-beta.84
2.0.0-beta.91
2.0.0-rc.1
2.0.0-rc.17
2.0.1
2.0.12
2.1.113
2.2.50
2.2.51
2.3.71
2.3.72
2.3.77
2.4.105
2.4.107
2.4.75
2.5.105
2.5.117
2.5.121
2.5.126
2.5.132
2.5.136
2.5.144
2.5.159
2.5.170
2.5.191
2.5.197
2.5.201
2.5.214
2.5.219
2.5.254
2.5.255
2.5.260
2.5.264
2.5.268
2.5.272
2.5.274
v1.*
v1.0-alpha.1
v1.0-alpha.2
v1.0-alpha.3
v1.0-alpha.4
v1.0-alpha.5
v1.0-alpha.6
v1.0-alpha.7
v1.0-beta.1
v1.0-beta.2
v1.0-beta.3
v1.0-beta.4
v1.0-beta.5
v1.0.0-beta.10
v1.0.0-beta.11
v1.0.0-beta.12
v1.0.0-beta.13
v1.0.0-beta.6
v1.0.0-beta.7
v1.0.0-beta.8
v1.0.0-beta.9
v1.0.1
v1.0.10
v1.0.11
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v2.*
v2.5.275
v2.5.276
v2.5.277
v2.5.278
v2.5.279
v2.5.280
v2.5.281
v2.5.282
v2.5.283
v2.5.284
v2.5.285
v2.5.286
v2.5.287
v2.5.288
v2.5.289
v2.5.290
v2.5.291
v2.5.292
v2.5.293
v2.5.294
v2.5.295
v2.5.296
v2.5.297
v2.5.298
v2.5.299
v2.5.300
v2.5.301
v2.5.302