CVE-2024-42699

Medium CVSS: 6.5

Cross Site Scripting vulnerability in Create/Modify article function in Alkacon OpenCMS 17.0 allows remote attacker to inject javascript payload via image title sub-field in the image field

Vendor

Alkacon

Product

Opencms

CWE

CWE-79

Yayın Tarihi

2025-04-21 15:15:58

Güncelleme

2025-04-24 16:42:20

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Opencms MEDIUM Alkacon 2025

Referanslar

https://github.com/Sidd545-cr/CVE/blob/main/CVE-2024-42699%20-%20Stored%20XSS%20in%20image%20title.pdf

Benzer Kayıtlar

Medium

CVE-2026-2735

Stored Cross-Site Scripting (XSS) in Alkacon's OpenCms v18.0, which occurs when user input is not properly validated whe…

Medium

CVE-2026-2736

Reflected Cross-site Scripting (XSS) in Alkacon's OpenCms v18.0, which allows an attacker to execute JavaScript code in…

Medium

CVE-2024-41446

A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scr…

Medium

CVE-2024-41447

A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scr…