Description
Lara-zeus Dynamic Dashboard simple way to manage widgets for your website landing page, and filament dashboard and Lara-zeus artemis is a collection of themes for the lara-zeus ecosystem. If values passed to a paragraph widget are not valid and contain a specific set of characters, applications are vulnerable to XSS attack against a user who opens a page on which a paragraph widget is rendered. Users are advised to upgrade to the appropriate fix versions detailed in the advisory metadata. There are no known workarounds for this vulnerability.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://github.com/lara-zeus/dynamic-dashboard/security/advisories/GHSA-c6cw-g7fc-4gwc
Patch x_refsource_misc
https://github.com/lara-zeus/artemis/commit/3a3f9dd8a706af569c5581b20dcfeff91a43b9d9
Scores
CVSS v3
6.1
EPSS
0.0014
EPSS Percentile
33.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-79
Status
published
Products (4)
lara-zeus/artemis
1.0.0 - 1.0.7Packagist
lara-zeus/dynamic-dashboard
3.0.0 - 3.0.2Packagist
lara-zeus/dynamic-dashboard
lara-zeus/artemis: >= 1.0.0, < 1.0.7
lara-zeus/dynamic-dashboard
lara-zeus/dynamic-dashboard: >= 3.0.0, < 3.0.2
Published
Oct 07, 2024
Tracked Since
Feb 18, 2026