Vulnerabilities > Pretix > Pretix > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-08-23 CVE-2024-8113 Cross-site Scripting vulnerability in Pretix
Stored XSS in organizer and event settings of pretix up to 2024.7.0 allows malicious event organizers to inject HTML tags into e-mail previews on settings page.
network
low complexity
pretix CWE-79
5.4
5.4