CVE-2024-3762 | Emlog Pro 2.2.10 Whisper Page /admin/twitter.php cross site scripting

Posted by Angelo Barbosa | Apr 14, 2024 | CVE

A vulnerability was found in Emlog Pro 2.2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/twitter.php of the component Whisper Page. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-3762. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-3762 | Emlog Pro 2.2.10 Whisper Page /admin/twitter.php cross site scripting

Related Posts

CVE-2024-3931 | Totara LMS 18.0.1 Build 20231128.01 Profile admin/roles/check.php ID Number cross site scripting

IBM CICS TX Standard cross-site request forgery (XFDB-266057)

CVE-2024-43345 | PluginOps Landing Page Builder Plugin up to 1.5.2.0 on WordPress path traversal

CVE-2024-0499 | SourceCodester House Rental Management System 1.0 index.php page cross site scripting