exploitDog

CVE-2024-27757

Опубликовано: 18 мар. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

flusity CMS through 2.45 allows tools/addons_model.php Gallery Name XSS. The reporter indicates that this product "ceased its development as of February 2024."

Ссылки

https://github.com/jubilianite/flusity-CMS/security/advisories/GHSA-5843-5m74-7fqh
Exploit
Third Party Advisory
https://github.com/jubilianite/flusity-CMS/security/advisories/GHSA-5843-5m74-7fqh
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:flusity:flusity:*:*:*:*:*:*:*:*

Версия до 2.45 (включая)

EPSS

Процентиль: 27%

0.00098

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

EPSS

Процентиль: 27%

0.00098

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79