https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-08T03:10:40.913776+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/4a9ad22b-bb42-4b91-8f63-0ee5319bb08b/export4a9ad22b-bb42-4b91-8f63-0ee5319bb08b2026-05-08T03:10:41.294935+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "4a9ad22b-bb42-4b91-8f63-0ee5319bb08b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46976", "type": "seen", "source": "https://t.me/cvedetector/5861", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-46976 - \"Backstage Cross-Site Scripting (XSS)\"\", \n \"Content\": \"CVE ID : CVE-2024-46976 \nPublished : Sept. 17, 2024, 9:15 p.m. | 33\u00a0minutes ago \nDescription : Backstage is an open framework for building developer portals. An attacker with control of the contents of the TechDocs storage buckets is able to inject executable scripts in the TechDocs content that will be executed in the victim's browser when browsing documentation or navigating to an attacker provided link. This has been fixed in the 1.10.13 release of the `@backstage/plugin-techdocs-backend` package. users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-17T23:58:56.000000Z"}2024-09-17T23:58:56+00:00