CVE-2024-4350 | Concrete CMS up to 8.5.17/9.3.2 RSS Displayer cross site scripting

Posted by Angelo Barbosa | Aug 9, 2024 | CVE

A vulnerability was found in Concrete CMS up to 8.5.17/9.3.2. It has been classified as problematic. Affected is an unknown function of the component RSS Displayer. The manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2024-4350. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-4350 | Concrete CMS up to 8.5.17/9.3.2 RSS Displayer cross site scripting

Related Posts

CVE-2024-7195 | itsourcecode Society Management System 1.0 /admin/check_admin.php username sql injection

CVE-2024-39337 | ClickStudios Passwordstate up to 9.7 improper authentication

CVE-2024-4755 | ptz0n Google CSE Plugin up to 1.0.7 on WordPress Setting cross site scripting

CVE-2024-3357 | SourceCodester Aplaya Beach Resort Online Reservation System 1.0 index.php end cross site scripting