CVE-2024-52290 – LF Edge eKuiper Cross-Site Scripting (XSS)

May 14, 2025

CVE ID : CVE-2024-52290

Published : May 14, 2025, 8:15 a.m. | 35 minutes ago

Description : LF Edge eKuiper is a lightweight internet of things (IoT) data analytics and stream processing engine. Prior to version 2.1.0 user with rights to modificate the service (e.g. kuiperUser role) can inject a cross-site scripting payload into Connection Configuration key `Name` (`confKey`) parameter. After this setup, when any user with access to this service (e.g. admin) tries to delete this key, a payload acts in the victim’s browser. Version 2.1.0 fixes the issue.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-0020 – ArcGIS OAuth 2.0 API Authentication Privilege Abuse Vulnerability

Next Article Linus Torvalds torna alla tastiera meccanica: il valore del feedback nella digitazione per chi sviluppa

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

With Gears of War: Reloaded on the way, which Xbox 360 game would you like to see get rebuilt next? — Weekend discussion 💬

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

How Code Feedback MCP Enhances AI-Generated Code Quality

How Code Feedback MCP Enhances AI-Generated Code Quality

PRSS Site Creator – Create Blogs and Websites from Your Desktop

Say hello to ECMAScript 2025

With Gears of War: Reloaded on the way, which Xbox 360 game would you like to see get rebuilt next? — Weekend discussion 💬

With Gears of War: Reloaded on the way, which Xbox 360 game would you like to see get rebuilt next? — Weekend discussion 💬

Jasmine – web launcher and session management application

Schulrechner – calculator you know from school

CVE-2024-52290 – LF Edge eKuiper Cross-Site Scripting (XSS)

⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

Arch Linux approda ufficialmente su Windows Subsystem for Linux

Using Manim For Making UI Animations

Linus Torvalds critica duramente i file system che non distinguono tra maiuscole e minuscole!

How Apple just changed the developer world with this one AI announcement

5 ways you can plug the widening AI skills gap at your business

CVE-2025-3511 – Mitsubishi Electric Corporation CC-Link IE TSN Denial of Service Remote Buffer Overflow

How Small Businesses Can Leverage React Native for Big Growth

Our next-generation model: Gemini 1.5

CVE-2024-52290 – LF Edge eKuiper Cross-Site Scripting (XSS)

Related Posts