CVSS 3.1 Score 7.4 of 10 (high)


Published Mar 18, 2024


CVE-2024-29154 is a cyber vulnerability that affects danielmiessler fabric through version 1.3.0. This vulnerability allows for cross-site scripting (XSS) attacks due to mishandling of innerHTML, specifically in the htmlToPlainText function. The risk score for this vulnerability is 25, indicating a high severity level. The exploitability score is 3.1, suggesting a moderate level of ease for attackers to exploit this vulnerability. The privileges required are low and there is no user interaction necessary. The attack vector is through the network, and the impact on integrity and confidentiality is low. The base score for this vulnerability is 7.4 out of 10, indicating a significant potential danger to organizations using the affected product.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-29154 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options