CVE-2024-54317

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

—N/A

No vector

EPSS

0.1%

top 76.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google WEB Stories

Timeline

PublishedDec 13

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Google Web Stories web-stories allows Stored XSS.This issue affects Web Stories: from n/a through <= 1.37.0.

Affected Packages1 packages

▶CVEListV5google/web_stories1.37.0

🔴Vulnerability Details

CVEList

WordPress Web Stories plugin <= 1.37.0 - Cross Site Scripting (XSS) vulnerability↗2024-12-13

▶

GHSA

GHSA-xv6r-vqm4-6f6r: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Google Web Stories allows Stored XSS↗2024-12-13

▶