CVE-2024-4353 | Concrete CMS up to 9.3.2 Generate Dashboard Board Name cross site scripting

Posted by Angelo Barbosa | Aug 1, 2024 | CVE

A vulnerability classified as problematic has been found in Concrete CMS up to 9.3.2. This affects an unknown part of the component Generate Dashboard Board. The manipulation of the argument Name leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-4353. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-4353 | Concrete CMS up to 9.3.2 Generate Dashboard Board Name cross site scripting

Related Posts

CVE-2024-39911 | 1Panel up to 1.10.11-lts sql injection (GHSA-7m53-pwp6-v3f5)

CVE-2023-45252 | Huddly HuddlyCameraService prior 8.0.7 Installation uncontrolled search path

CVE-2024-46372 | DedeCMS 5.7.115 Advertisement Management Module cross site scripting

CVE-2023-36103 | Tenda AC15 15.03.05.20 POST Request goform/SetIPTVCfg command injection