CVE-2024-57041

Published: Jan 24, 2025

Modified: Feb 6, 2025

PUBLISHED

Description

A persistent cross-site scripting (XSS) vulnerability in NodeBB v3.11.0 allows remote attackers to store arbitrary code in the 'about me' section of their profile.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://nodebb.com

https://www.tonysec.com/posts/cve-2024-57041/

https://github.com/NodeBB/NodeBB/commit/4e69bff72fd04779064d37e46a43080e6c328adf

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-57041

Description

Affected Products

References