CVE-2024-41447

Description

A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the author parameter under the Create/Modify article function.

PUBLISHED Reserved 2024-07-18 | Published 2025-04-18 | Updated 2025-04-18 | Assigner mitre

References

www.exploit-db.com/exploits/52209

cve.org (CVE-2024-41447)

nvd.nist.gov (CVE-2024-41447)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.