CVE-2024-57329 Information

Description

HortusFox v3.9 contains a stored XSS vulnerability in the \Add Plant\ function. The name input field does not sanitize or escape user inputs allowing attackers to inject and execute arbitrary JavaScript payloads.

Reference

https://github.com/fatihtuzunn/CVEs/tree/main/CVE-2024-57329