QID 997128
Date Published: 2024-02-06
QID 997128: NodeJs (Npm) Security Update for stimulsoft-dashboards-js (GHSA-9cgf-pxwq-2cpw)
Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field.
Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.
Solution
Refer to Github security advisory GHSA-9cgf-pxwq-2cpw for updates and patch information.
Vendor References
- GHSA-9cgf-pxwq-2cpw -
github.com/advisories/GHSA-9cgf-pxwq-2cpw
CVEs related to QID 997128
Software Advisories
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| GHSA-9cgf-pxwq-2cpw | stimulsoft-dashboards-js |
|