A Client-Side Template Injection (CSTI) vulnerability in...
High severity
Unreviewed
Published
Nov 26, 2024
to the GitHub Advisory Database
•
Updated Nov 26, 2024
Description
Published by the National Vulnerability Database
Nov 25, 2024
Published to the GitHub Advisory Database
Nov 26, 2024
Last updated
Nov 26, 2024
A Client-Side Template Injection (CSTI) vulnerability in the component /project/new/scrum of Taiga v 8.6.1 allows remote attackers to execute arbitrary code by injecting a malicious payload within the new project details.
References