vulnerability

Rapid7 InsightVM Scan Assistant: CVE-2023-24540: Go: Multiple Vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
10	(AV:N/AC:L/Au:N/C:C/I:C/A:C)	2023-05-11	2024-01-03	2025-01-28

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

2023-05-11

Added

2024-01-03

Modified

2025-01-28

Description

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates containing whitespace characters outside of the character set "\t\n\f\r\u0020\u2028\u2029" in JavaScript contexts that also contain actions may not be properly sanitized during execution.

Solution

rapid7-scan-assistant-upgrade-latest

References

CVE-2023-24540
https://attackerkb.com/topics/CVE-2023-24540

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today