CVE-2024-32489: TCPDF Cross-site Scripting vulnerability
TCPDF before 6.7.4 mishandles calls that use HTML syntax.
References
- github.com/advisories/GHSA-g9wg-98c2-qv3v
- github.com/tecnickcom/TCPDF
- github.com/tecnickcom/TCPDF/commit/51cd1b39de5643836e62661d162c472d63167df7
- github.com/tecnickcom/TCPDF/commit/82fc97bf1c74c8dbe62b1d3cc6d10fa4b87e0262
- github.com/tecnickcom/TCPDF/compare/6.6.2...6.7.4
- nvd.nist.gov/vuln/detail/CVE-2024-32489
Code Behaviors & Features
Detect and mitigate CVE-2024-32489 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →