1 results (0.007 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-49378 – smartUp Cross-site Scripting vulnerability
https://notcve.org/view.php?id=CVE-2024-49378
smartUp, a web browser mouse gestures extension, has a universal cross-site scripting issue in the Edge and Firefox versions of smartUp 7.2.622.1170. The vulnerability allows another extension to execute arbitrary code in the context of the user’s tab. As of time of publication, no known patches exist. • https://github.com/zimocode/smartup/blob/2144ec161697751b1a6702f1af866726ea689e4e/js/background.js#L3800 https://securitylab.github.com/advisories/GHSL-2024-011_smartup • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •