CVE-2024-57605

Medium CVSS: 5.4

Cross Site Scripting vulnerability in Daylight Studio Fuel CMS v.1.5.2 allows an attacker to escalate privileges via the /fuel/blocks/ and /fuel/pages components.

Vendor

Thedaylightstudio

Product

Fuel Cms

CWE

CWE-79

Yayın Tarihi

2025-02-12 22:15:41

Güncelleme

2025-07-09 15:03:30

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Fuel Cms MEDIUM Thedaylightstudio 2025

Referanslar

https://hkohi.ca/vulnerability/3

Benzer Kayıtlar

Critical

CVE-2026-30458

An issue in Daylight Studio FuelCMS v1.5.2 allows attackers to exfiltrate users' password reset tokens via a mail splitt…

High

CVE-2026-30463

Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnerability via the /controllers/Login.php co…

Critical

CVE-2026-30457

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via…