CVE-2024-56115

Suggested description

A vulnerability in Amiro.CMS before 7.8.4 exists due to the failure to take measures to neutralize special elements. It allows remote attackers to conduct an Cross-Site Scripting (XSS) attack.

Vulnerability Type

CWE-78 | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Vendor of Product

Amiro.CMS (https://www.amiro.ru)

Affected Product Code Base

Amiro.CMS – 7.8.4 and earlier

Impact Escalation of Privileges

True

Has vendor confirmed or acknowledged the vulnerability?

True

Discoverer

Compliance Control Team

Reference

https://www.amiro.ru

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2024-56115

Suggested description

Vulnerability Type

Vendor of Product

Affected Product Code Base

Impact Escalation of Privileges

Has vendor confirmed or acknowledged the vulnerability?

Discoverer

Reference

About

Releases

Packages

ComplianceControl/CVE-2024-56115

Folders and files

Latest commit

History

Repository files navigation

CVE-2024-56115

Suggested description

Vulnerability Type

Vendor of Product

Affected Product Code Base

Impact Escalation of Privileges

Has vendor confirmed or acknowledged the vulnerability?

Discoverer

Reference

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages