GHSA-3636-hx62-pv26
Suggest an improvement- Source
- https://github.com/advisories/GHSA-3636-hx62-pv26
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-3636-hx62-pv26/GHSA-3636-hx62-pv26.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-3636-hx62-pv26
- Aliases
- Published
- 2024-10-02T21:30:35Z
- Modified
- 2024-10-02T23:12:43.252753Z
- Severity
-
- 4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- 1.8 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:P CVSS Calculator
- Summary
- Zenario allows authenticated admin users to upload PDF files containing malicious code
- Details
-
Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack.
- Database specific
{ "nvd_published_at": "2024-10-02T20:15:11Z", "severity": "LOW", "cwe_ids": [ "CWE-434", "CWE-79" ], "github_reviewed": true, "github_reviewed_at": "2024-10-02T22:35:05Z" }- References
Affected packages
Packagist / tribalsystems/zenario
Package
- Name
- tribalsystems/zenario
- Purl
- pkg:composer/tribalsystems/zenario
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedLast affected9.7.61188
Affected versions
7.*
7.5.40440
7.5.41006
7.5.41499
7.5.41633
7.5.42085
7.5.42990
7.5.47180
7.6.41504
7.6.41633
7.6.42085
7.6.42990
7.6.47180
7.7.42682
7.7.42963
7.7.42990
7.7.44223
7.7.47180
7.7.47369
7.7.48583
8.*
8.0.44237
8.0.44273
8.0.44294
8.0.44521
8.0.45032
8.0.45250
8.0.45529
8.0.47180
8.0.48583
8.1.45530
8.1.45698
8.1.46089
8.1.46433
8.1.46615
8.1.47180
8.1.47369
8.1.48583
8.2.46436
8.2.46614
8.2.47180
8.2.47369
8.2.47992
8.2.48583
8.3.47997
8.3.48583
8.3.50564
8.4.50565
8.4.51340
8.5.50567
8.5.50837
8.5.51340
8.6.51342
8.7
8.8
8.8.53370
8.8.53725
8.8.54063
8.9.54063
8.9.54149
8.9.54153
8.9.55141
9.*
9.0.54156
9.0.55141
9.0.57473
9.1.55143
9.1.55510
9.1.55619
9.1.57473
9.2
9.2.55826
9.2.57169
9.2.57473
9.3.57186
9.3.57474
9.3.57595
9.3.57709
9.3.57754
9.3.58670
9.4.58686
9.4.59197
9.4.59574
9.4.60437
9.5.59574
9.5.59647
9.5.60240
9.5.60437
9.5.60602
9.6.60604
9.6.60771
9.6.61188
9.7.61188