Home

Description

A Client-Side Template Injection (CSTI) vulnerability in the component /project/new/scrum of Taiga v 8.6.1 allows remote attackers to execute arbitrary code by injecting a malicious payload within the new project details.

PUBLISHED Reserved 2024-11-20 | Published 2024-11-25 | Updated 2024-11-26 | Assigner mitre

References

drive.google.com/...9TCpw-KtksUACYFIzsbuTkL/view?usp=sharing

gist.githubusercontent.com/...b5578c15824b2ff/CVE-2024-53554

cve.org (CVE-2024-53554)

nvd.nist.gov (CVE-2024-53554)

Download JSON