Количество 2
Количество 2
CVE-2024-47618
Sulu is a PHP content management system. Sulu is vulnerable against XSS whereas a low privileged user with access to the “Media” section can upload an SVG file with a malicious payload. Once uploaded and accessed, the malicious javascript will be executed on the victims’ (other users including admins) browsers. This issue is fixed in 2.6.5.
GHSA-255w-87rh-rg44
Cross-site Scripting via uploaded SVG
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-47618 Sulu is a PHP content management system. Sulu is vulnerable against XSS whereas a low privileged user with access to the “Media” section can upload an SVG file with a malicious payload. Once uploaded and accessed, the malicious javascript will be executed on the victims’ (other users including admins) browsers. This issue is fixed in 2.6.5. | CVSS3: 5.4 | 1% Низкий | больше 1 года назад |
| GHSA-255w-87rh-rg44 Cross-site Scripting via uploaded SVG | CVSS3: 6.1 | 1% Низкий | больше 1 года назад |
Уязвимостей на страницу