Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2024-26318

Disclosure Date: February 19, 2024 (last updated February 14, 2025)
Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0