Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged

Permalink CVE-2024-54348

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

WordPress Brandy theme <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YayCommerce Brand allows Stored XSS.This issue affects Brand: from n/a through 1.1.6.

References

https://patchstack.com/database/wordpress/theme/brand/vulnerability/wordpress-b… vdb-entry

Affected products

brand

=<1.1.6

Matching in nixpkgs

pkgs.matrix-brandy

Matrix Brandy BASIC VI for Linux, Windows, MacOSX

nixos-unstable -
- nixpkgs-unstable 1.23.5

pkgs.librandombytes

Simple API for applications generating fresh randomness

nixos-unstable -
- nixpkgs-unstable 20240318

pkgs.typstPackages.touying-brandred-uobristol_0_1_0

Touying Slide Theme for University of Bristol

nixos-unstable -
- nixpkgs-unstable 0.1.0

pkgs.typstPackages.touying-brandred-uobristol_0_1_1

Touying Slide Theme for University of Bristol

nixos-unstable -
- nixpkgs-unstable 0.1.1

pkgs.typstPackages.touying-brandred-uobristol_0_1_2

Touying Slide Theme for University of Bristol

nixos-unstable -
- nixpkgs-unstable 0.1.2

pkgs.typstPackages.touying-brandred-uobristol_0_1_3

Touying Slide Theme for University of Bristol

nixos-unstable -
- nixpkgs-unstable 0.1.3

pkgs.typstPackages.touying-brandred-uobristol_0_2_0

Touying Slide Theme for University of Bristol

nixos-unstable -
- nixpkgs-unstable 0.2.0

Package maintainers

@jleightcap Jack Leightcap <jack@leightcap.com>
@imadnyc Abdullah Imad <me@imad.nyc>
@kiike Enric Morales <me@enric.me>
@fiq Raf Gemmail <raf+git@dreamthought.com>
@cherrypiejam Gongqi Huang