CVE-2024-2179 | Concrete CMS up to 9.2.6 Group Type Name cross site scripting

Inserito da Angelo Barbosa | Mar 6, 2024 | CVE

A vulnerability classified as problematic has been found in Concrete CMS up to 9.2.6. Affected is an unknown function of the component Group Type Handler. The manipulation of the argument Name leads to cross site scripting.

This vulnerability is traded as CVE-2024-2179. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-2179 | Concrete CMS up to 9.2.6 Group Type Name cross site scripting

Post correlati

CVE-2024-3498 | Toshiba Tec e-Studio Multi-Function Peripheral Web Configuration Page unnecessary privileges

CVE-2024-26003 | Phoenix Contact CHARX SEC-3150 up to 1.5.0 Charging out-of-bounds (VDE-2024-011)

CVE-2024-21435 | Microsoft unknown vulnerability

CVE-2024-39325 | aimeos ai-controller-frontend Payment Status behavioral workflow