CVE-2024-12846 | Emlog Pro up to 2.4.1 /admin/link.php siteurl/icon cross site scripting

Inserito da Angelo Barbosa | Dic 20, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Emlog Pro up to 2.4.1. Affected by this issue is some unknown functionality of the file /admin/link.php. The manipulation of the argument siteurl/icon leads to cross site scripting.

This vulnerability is handled as CVE-2024-12846. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-12846 | Emlog Pro up to 2.4.1 /admin/link.php siteurl/icon cross site scripting

Post correlati

CVE-2024-3913 | Phoenix Contact CHARX SEC-3150 1139012 up to 1.6.x System Startup file access (VDE-2024-022)

CVE-2024-25128 | dpgaspar Flask-AppBuilder up to 4.3.10 OpenID Service improper authentication

CVE-2023-50944 | Apache Airflow up to 2.8.0 authorization

CVE-2022-4003 | Motorola Q14 Mesh Router prior 1.5.0.16 API Request resource consumption