28 Jul 2024

CVE-2024-32484

7.4 High Severity

An reflected XSS vulnerability exists in the handling of invalid paths in the Flask server in Ankitects Anki 24.04. A specially crafted flashcard can lead to JavaScript code execution and result in an arbitrary file read. An attacker can share a malicious flashcard to trigger this vulnerability.

suggest your own:

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
Apps (0)
Operating Systems (0)

xtranslations

xdetection

xremediation

Comments (0)
Comments (0)