CVE-2024-44872

A reflected cross-site scripting (XSS) vulnerability in moziloCMS v3.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mozilo:mozilocms:3.0:*:*:*:*:*:*:*

History

13 Sep 2024, 15:26

Type Values Removed Values Added
References () https://github.com/moziloDasEinsteigerCMS/mozilo3.0 - () https://github.com/moziloDasEinsteigerCMS/mozilo3.0 - Product
References () https://github.com/sec-fortress/Exploits/tree/main/CVE-2024-44872 - () https://github.com/sec-fortress/Exploits/tree/main/CVE-2024-44872 - Exploit, Third Party Advisory
CPE cpe:2.3:a:mozilo:mozilocms:3.0:*:*:*:*:*:*:*
Summary
  • (es) Una vulnerabilidad de cross-site scripting (XSS) reflejado en moziloCMS v3.0 permite a los atacantes ejecutar código arbitrario en el contexto del navegador de un usuario mediante la inyección de un payload especialmente manipulado.
First Time Mozilo mozilocms
Mozilo

10 Sep 2024, 20:35

Type Values Removed Values Added
CWE CWE-79
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1

10 Sep 2024, 17:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-10 17:15

Updated : 2024-09-13 15:26


NVD link : CVE-2024-44872

Mitre link : CVE-2024-44872

CVE.ORG link : CVE-2024-44872


JSON object : View

Products Affected

mozilo

  • mozilocms
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')