CVE-2024-41447

Medium CVSS: 5.4

A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the author parameter under the Create/Modify article function.

Vendor

Alkacon

Product

Opencms

CWE

CWE-79

Yayın Tarihi

2025-04-18 17:15:33

Güncelleme

2025-04-23 17:31:14

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Opencms MEDIUM Alkacon 2025

Referanslar

https://www.exploit-db.com/exploits/52209

Benzer Kayıtlar

Medium

CVE-2026-2735

Stored Cross-Site Scripting (XSS) in Alkacon's OpenCms v18.0, which occurs when user input is not properly validated whe…

Medium

CVE-2026-2736

Reflected Cross-site Scripting (XSS) in Alkacon's OpenCms v18.0, which allows an attacker to execute JavaScript code in…

Medium

CVE-2024-42699

Cross Site Scripting vulnerability in Create/Modify article function in Alkacon OpenCMS 17.0 allows remote attacker to i…

Medium

CVE-2024-41446

A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scr…