CVE-2024-27757 | flusity CMS up to 2.45 tools/addons_model.php Gallery Name cross site scripting (GHSA-5843-5m74-7fqh)

Inserito da Angelo Barbosa | Mar 18, 2024 | CVE

A vulnerability classified as problematic has been found in flusity CMS up to 2.45. This affects an unknown part of the file tools/addons_model.php. The manipulation of the argument Gallery Name leads to cross site scripting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is uniquely identified as CVE-2024-27757. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-27757 | flusity CMS up to 2.45 tools/addons_model.php Gallery Name cross site scripting (GHSA-5843-5m74-7fqh)

Post correlati

CVE-2024-50634 | sbondCo Watcharr up to 1.43.0 JWT Token access control

CVE-2024-9531 | MultiVendorX Plugin up to 4.2.4 on WordPress authorization

CVE-2023-43279 | tcpreplay 4.4.4 Tcprewrite cidr.c mask_cidr6 null pointer dereference (Issue 824)

CVE-2024-23732 | Embedchain up to 0.1.56 JSON Loader json.py redos