CVE-2024-10928

A vulnerability was found in MonoCMS up to 20240528. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /monofiles/opensaved.php of the component Posts Page. The manipulation of the argument filtcategory/filtstatus leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Configurations

No configuration.

History

06 Nov 2024, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-06 23:15

Updated : 2024-11-06 23:15


NVD link : CVE-2024-10928

Mitre link : CVE-2024-10928

CVE.ORG link : CVE-2024-10928


JSON object : View

Products Affected

No product.

CWE
CWE-74

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')