All 3 CVE vulnerabilities found in phlex, with AI-generated Chinese analysis, references, and POCs.
Vendor: phlex-ruby
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-32970 | Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in Phlex CWE-79 | 7.1 | High | 2024-04-30 |
| CVE-2024-32463 | phlex makes Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tags CWE-79 | 7.1 | High | 2024-04-17 |
| CVE-2024-28199 | Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in Phlex CWE-79 | 7.1 | High | 2024-03-11 |
All 3 known CVE vulnerabilities affecting phlex with full Chinese analysis, references, and POCs where available.