CVE-2024-25876 | THREATINT

Description

A cross-site scripting (XSS) vulnerability in the Header module of Enhavo CMS v0.13.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field.

PUBLISHED Reserved 2024-02-12 | Published 2024-02-22 | Updated 2024-10-30 | Assigner mitre

References

www.enhavo.com/

github.com/.../main/xss-page-content-header-titel-v0.13.1.md

www.enhavo.com/

github.com/.../main/xss-page-content-header-titel-v0.13.1.md

cve.org (CVE-2024-25876)

nvd.nist.gov (CVE-2024-25876)

Download JSON