CVE-2024-43407: Contrib Cssgen Php Cwe 79 Cve 2024 43407
Legacy third-party library script uses input from global arrays to initialize GeSHi without sanitization, which can lead to Cross-Site Scripting (XSS).
Provally CuratedPublic repositoryHighMedium confidenceVerifiedApache-2.0
PHPβ
PHPβgreprules fetch cve-2024-43407-contrib-cssgen-php-cwe-79-cve-2024-43407 --engine opengrepDescription
Legacy third-party library script uses input from global arrays to initialize GeSHi without sanitization, which can lead to Cross-Site Scripting (XSS).
Community feedback
0 signals from signed-in users.
- Useful
- 0
- False positive
- 0
- Metadata
- 0