CVE-2024-56923
CVE-2024-56923
Título es
CVE-2024-56923
Mié, 22/01/2025 – 21:15
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2024-56923
Descripción en
Stored Cross-Site Scripting (XSS) in the Categorization Option of My Subscriptions Functionality in Silverpeas Core 6.4.1 allows a remote attacker to execute arbitrary JavaScript code. This is achieved by injecting a malicious payload into the Name field of a subscription. The attack can lead to session hijacking, data theft, or unauthorized actions when an admin user views the affected subscription.
22/01/2025
22/01/2025
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
Pendiente de análisis
Enviar en el boletín
Off
