25Eki
CVE-2024-47878 | OpenRefine up to 3.8.2 URL authorized state cross site scripting (GHSA-pw3x-c5vp-mfc3)
A vulnerability was found in OpenRefine up to 3.8.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /extension/gdata/authorized of the component URL Handler. The manipulation of the argument state leads to cross site scripting. This vulnerability is handled as CVE-2024-47878. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.