CVE-2024-25874 | Enhavo CMS 0.13.1 Article Module New/Edit Create Tag cross site scripting

Posted by Angelo Barbosa | Feb 22, 2024 | CVE

A vulnerability was found in Enhavo CMS 0.13.1. It has been classified as problematic. Affected is an unknown function of the file New/Edit of the component Article Module. The manipulation of the argument Create Tag leads to cross site scripting.

This vulnerability is traded as CVE-2024-25874. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-25874 | Enhavo CMS 0.13.1 Article Module New/Edit Create Tag cross site scripting

Related Posts

CVE-2022-41951 | oroinc OroPlatform up to 4.1.13/4.2.10/5.0.8 getTemporaryFileName path traversal (GHSA-9v3j-4j64-p937)

CVE-2023-39204: Zoom Client buffer overflow

CVE-2024-37880 | Kyber Reference implementation up to 18.x ML-KEM 512 Secret Key ref/poly.c poly_frommsg information exposure

CVE-2023-6004 | libssh up to 0.9.7/0.10.5 ProxyCommand/ProxyJump hostname code injection