- Description
- dashboards-reporting (aka Dashboards Reports) before 2.19.0.0, as shipped in OpenSearch before 2.19, allows XSS because Markdown is not sanitized when previewing a header or footer.
- Source
- cve@mitre.org
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 6.4
- Impact score
- 2.7
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
- cve@mitre.org
- CWE-79
- Hype score
- Not currently trending
CVE-2024-54160 dashboards-reporting (aka Dashboards Reports) before 2.19.0.0, as shipped in OpenSearch before 2.19, allows XSS because Markdown is not sanitized when previewing a he… https://t.co/FTePa1qhJr
@CVEnew
12 Feb 2025
122 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2024-54160 | LF Projects OpenSearch up to 2.18 dashboards-reporting cross site scripting) has been published on https://t.co/7YaJm0LImG
@WolfgangSesin
12 Feb 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
New post from https://t.co/uXvPWJy6tj (CVE-2024-54160 | LF Projects OpenSearch up to 2.18 dashboards-reporting cross site scripting) has been published on https://t.co/KzKfeoCgze
@WolfgangSesin
12 Feb 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes