Security Advisory

CVE-2024-47618

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-03 14:18:02

Last updated 2024-10-18 14:42:45

Assigner GitHub_M

State PUBLISHED

Description

Sulu is a PHP content management system. Sulu is vulnerable against XSS whereas a low privileged user with access to the “Media” section can upload an SVG file with a malicious payload. Once uploaded and accessed, the malicious javascript will be executed on the victims’ (other users including admins) browsers. This issue is fixed in 2.6.5.

← Browse all CVEs View on cve.org ↗