CVE-2024-47817

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-47817

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47817.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-47817

Aliases

GHSA-c6cw-g7fc-4gwc

Published

2024-10-07T21:22:18.473Z

Modified

2025-12-06T00:09:48.163427Z

Severity

5.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N CVSS Calculator

Summary

Unvalidated paragraph widget values can be used for Cross-site Scripting in lara-zeus

Details

Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values passed to a paragraph widget are not valid and contain a specific set of characters, applications are vulnerable to XSS attack against a user who opens a page on which a paragraph widget is rendered. Users are advised to upgrade to the appropriate fix versions detailed in the advisory metadata. There are no known workarounds for this vulnerability.

Database specific

{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47817.json",
    "cwe_ids": [
        "CWE-79"
    ]
}

References

Affected packages

Git / github.com/lara-zeus/artemis

Affected ranges

Type: GIT
Repo: https://github.com/lara-zeus/artemis
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3a3f9dd8a706af569c5581b20dcfeff91a43b9d9

Affected versions

v1.*

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47817.json"

Git / github.com/lara-zeus/dynamic-dashboard

Affected ranges

Type: GIT
Repo: https://github.com/lara-zeus/dynamic-dashboard
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

adfb4b1cdfdaa01299631f0e569ce201a7cc545a

Affected versions

0.*

0.0.1

0.0.2

0.0.3

0.0.4

0.0.5

0.0.6

0.0.7

0.0.8

1.*

1.0.0

1.0.1

1.0.2

1.0.3

1.0.4

1.0.5

1.0.6

1.1.0

1.1.1

v2.*

v2.0.0

v2.0.0-beta1

v2.0.0-beta2

v2.0.0-beta3

v2.0.0-beta4

v2.0.0-beta5

v2.0.0-beta6

v2.0.0-beta7

v2.0.0-beta8

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.1.0

v2.1.1

v2.1.2

v2.1.3

v2.1.4

v3.*

v3.0.0

v3.0.1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-47817.json"