CVE-2023-24539
CVE Details
Last Update
09/15/2024
NIST CVE Summary
Angle brackets <>
are not considered dangerous characters when inserted into CSS contexts. Templates containing
multiple actions separated by a /
character can result in unexpectedly closing the CSS context and allowing for
injection of unexpected HTML, if executed with untrusted input.
Our Official Summary
Investigation is ongoing to determine how this vulnerability affects our products.
CVE Severity
Status
Ongoing
Affected Products & Versions
- Palette VerteX 4.4.18
Revision History
- 1.0 09/15/2024 Initial Publication
- 2.0 09/15/2024 Added palette VerteX 4.4.18 to Affected Products