CVE-2024-24506 | Lime Survey Community Edition 5.3.32+220817 General Setting Administrator email address cross site scripting (Exploit 51926 / EDB-51926)

Inserito da Angelo Barbosa | Apr 3, 2024 | CVE

A vulnerability was found in Lime Survey Community Edition 5.3.32+220817. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component General Setting. The manipulation of the argument Administrator email address leads to cross site scripting.

This vulnerability is known as CVE-2024-24506. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-24506 | Lime Survey Community Edition 5.3.32+220817 General Setting Administrator email address cross site scripting (Exploit 51926 / EDB-51926)

Post correlati

CVE-2024-4754 | Next4Biz CRM & BPM Software Business Process Manangement 6.6.4.4 cross site scripting

CVE-2024-25631 | Cilium up to 1.14.6 External kvstore missing encryption (GHSA-x989-52fc-4vr4)

CVE-2024-29934 | Piotnet Addons for Elementor Plugin up to 2.4.25 on WordPress cross site scripting

CVE-2024-23665 | Fortinet FortiWeb up to 6.3.23/6.4.3/7.0.10/7.2.7/7.4.2 Requests improper authorization (FG-IR-23-474)