CVE-2024-52281

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-52281

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52281.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-52281

Aliases

Related

SUSE-SU-2025:0297-1

Published

2025-04-16T09:15:27Z

Modified

2025-04-17T03:50:12.590922Z

Summary

[none]

Details

A: Improper Neutralization of Input During Web Page Generation vulnerability in SUSE rancher allows a malicious actor to perform a Stored XSS attack through the cluster description field. This issue affects rancher: from 2.9.0 before 2.9.4.

References

Affected packages

Git / github.com/rancher/rancher

Affected ranges

Type: GIT
Repo: https://github.com/rancher/rancher
Events: Introduced

9e0cc54e7e3a924cf0ed5c5d4db0a6e53805c75e

Fixed

4ec728e8aae3e51c86cf599d1618c555fd806ce8

Affected versions

v2.*

v2.9.0

v2.9.0-rc6

v2.9.1

v2.9.1-alpha1

v2.9.1-alpha2

v2.9.1-rc1

v2.9.1-rc2

v2.9.1-rc3

v2.9.1-rc4

v2.9.1-rc5

v2.9.1-rc6

v2.9.2

v2.9.2-alpha1

v2.9.2-alpha2

v2.9.2-alpha3

v2.9.2-alpha4

v2.9.2-alpha5

v2.9.2-alpha6

v2.9.2-alpha7

v2.9.2-rc1

v2.9.3

v2.9.3-alpha1

v2.9.3-alpha2

v2.9.3-alpha3

v2.9.3-alpha4

v2.9.3-alpha5

v2.9.3-alpha6

v2.9.3-alpha7

v2.9.3-rc1

v2.9.3-rc2

v2.9.4-alpha1

v2.9.4-alpha2

v2.9.4-alpha3

v2.9.4-alpha4

v2.9.4-alpha5

v2.9.4-rc1

v2.9.4-rc2

v2.9.4-rc3