A stored cross-site scripting (XSS) vulnerability in the Advanced Expectation - Response module of yapi v1.10.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the body field.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/YMFE/yapi/issues/2745 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-04-30T00:00:00
Updated: 2024-08-02T02:42:59.406Z
Reserved: 2024-04-26T00:00:00
Link: CVE-2024-33831
Vulnrichment
Updated: 2024-08-02T02:42:59.406Z
NVD
Status : Awaiting Analysis
Published: 2024-04-30T18:15:19.973
Modified: 2024-11-21T09:17:33.660
Link: CVE-2024-33831
Redhat
No data.