Browse all 4 CVE security advisories affecting spacetime. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Spacetime is a collaborative platform for 3D virtual environments and metaverse applications, enabling real-time interaction and content creation. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from improper input validation and access control flaws. The platform's security posture has been impacted by incidents where unauthenticated attackers could execute arbitrary code or manipulate user sessions due to insufficient sandboxing and insecure API endpoints. These vulnerabilities highlight risks in web-based 3D content rendering and real-time communication features, requiring rigorous input sanitization and proper privilege management to mitigate potential exploitation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-49248 | WordPress Ad Inserter plugin <= 2.7.37 - Reflected Cross Site Scripting (XSS) vulnerability — Ad InserterCWE-79 | 7.1 | High | 2024-10-17 |
This page lists every published CVE security advisory associated with spacetime. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.