1. Home
  2. Vulnerabilities
  3. CVE-2024-5520

CVE-2024-5520

CVSS v3.1 6.4 (Medium)
64% Progress
EPSS 0.04 % (10th)
0.04% Progress
Advisories 1
NVD Status Awaiting Analysis
Info CVSS EPSS CAPEC References Security Advisories Packages & Software Graph Web & Social Timeline

Two Cross-Site Scripting vulnerabilities have been discovered in Alkacon's OpenCMS affecting version 16, which could allow a user with sufficient privileges to create and modify web pages through the admin panel, can execute malicious JavaScript code, after inserting code in the “title” field.

Weaknesses
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE Status
PUBLISHED
NVD Status
Awaiting Analysis
CNA
Spanish National Cybersecurity Institute, S.A. (INCIBE)
Published Date
2024-05-30 12:15:10
(3 months ago)
Updated Date
2024-05-30 13:15:41
(3 months ago)