CVE-2024-5520
CVSS v3.1
6.4 (Medium)
EPSS
0.04 % (10th)
Advisories
1
NVD Status
Awaiting Analysis
Two Cross-Site Scripting vulnerabilities have been discovered in Alkacon's OpenCMS affecting version 16, which could allow a user with sufficient privileges to create and modify web pages through the admin panel, can execute malicious JavaScript code, after inserting code in the “title” field.
Weaknesses
- CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE Status
- PUBLISHED
- NVD Status
- Awaiting Analysis
- CNA
- Spanish National Cybersecurity Institute, S.A. (INCIBE)
- Published Date
-
2024-05-30 12:15:10
(3 months ago) - Updated Date
-
2024-05-30 13:15:41
(3 months ago)
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...