CVE-2024-13209 | Redaxo CMS 5.18.1 Structure Management Page Article Name cross site scripting

A vulnerability was found in Redaxo CMS 5.18.1. It has been classified as problematic. Affected is an unknown function of the file /index.php?page=structure&category_id=1&article_id=1&clang=1&function=edit_art&artstart=0 of the component Structure Management Page. The manipulation of the argument Article Name leads to cross site scripting.

This vulnerability is traded as CVE-2024-13209. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-13209 | Redaxo CMS 5.18.1 Structure Management Page Article Name cross site scripting

Post correlati

CVE-2023-42862 | Apple macOS ImageIO Privilege Escalation

CVE-2024-43377 | Umbraco CMS up to 14.1.1 access control

CVE-2024-53766 | Devnex Addons for Elementor Plugin up to 1.0.8 on WordPress cross site scripting

CVE-2023-6033 | GitLab Community Edition/Enterprise Edition prior 16.4.3/16.5.3/16.6.1 Jira Integration Configuration cross site scripting