Gazelle Project: community verdicts
3 notable / known-exploited Gazelle Project CVEs the community has triaged.
- CVE-2024-44797MED 6.1EPSS 0%
A cross-site scripting (XSS) vulnerability in the component /managers/enable_requests.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the view parameter.
- CVE-2024-44795MED 6.1EPSS 0%
A cross-site scripting (XSS) vulnerability in the component /login/disabled.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter.
- CVE-2024-44793MED 6.1EPSS 0%
A cross-site scripting (XSS) vulnerability in the component /managers/multiple_freeleech.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the torrents parameter.