Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-17 | CVE-2024-8908 | Unspecified vulnerability in Google Chrome Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-09-17 | CVE-2024-8909 | Unspecified vulnerability in Google Chrome Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. | 4.3 |
| 2024-09-17 | CVE-2024-45604 | Path Traversal vulnerability in Contao Contao is an Open Source CMS. | 4.3 |
| 2024-09-17 | CVE-2024-45605 | Authorization Bypass Through User-Controlled Key vulnerability in Sentry 24.1.2 Sentry is a developer-first error tracking and performance monitoring platform. | 4.3 |
| 2024-09-17 | CVE-2024-45606 | Authorization Bypass Through User-Controlled Key vulnerability in Sentry Sentry is a developer-first error tracking and performance monitoring platform. | 4.3 |
| 2024-09-17 | CVE-2024-8951 | Cross-site Scripting vulnerability in Oretnom23 Resort Reservation System 1.0 A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. | 6.1 |
| 2024-09-17 | CVE-2024-45612 | Injection vulnerability in Contao Contao is an Open Source CMS. | 5.3 |
| 2024-09-17 | CVE-2024-8660 | Cross-site Scripting vulnerability in Concretecms Concrete CMS Concrete CMS versions 9.0.0 through 9.3.3 are affected by a stored XSS vulnerability in the "Top Navigator Bar" block. Since the "Top Navigator Bar" output was not sufficiently sanitized, a rogue administrator could add a malicious payload that could be executed when targeted users visited the home page.The Concrete CMS Security Team gave this vulnerability a CVSS v4 score of 4.6 with vector CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N . | 4.8 |
| 2024-09-17 | CVE-2024-8897 | Open Redirect vulnerability in Mozilla Firefox Under certain conditions, an attacker with the ability to redirect users to a malicious site via an open redirect on a trusted site, may be able to spoof the address bar contents. | 6.1 |
| 2024-09-17 | CVE-2024-8761 | The Share This Image plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.03. | 6.1 |