CVE-2024-41348

6.1 MEDIUM

Published: August 29, 2024 Modified: January 26, 2026

Description

openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/alsearch.php

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

0.0 Low Medium High Critical 10.0

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Patch Vendor Advisory Exploit Third Party Advisory

Source: cve@mitre.org

Source: cve@mitre.org

Source: cve@mitre.org

Exploit Issue Tracking

3 reference(s) from NVD

CVSS v3 Score

6.1 / 10.0

EPSS (Exploit Probability)

0.1%

29th percentile

Exploitation Status

Not in CISA KEV

CWE-79 CWE-79

jpatokal