Security Advisory

CVE-2024-5520

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-30 11:10:37

Last updated 2024-08-01 21:18:06

Assigner INCIBE

State PUBLISHED

Description

Two Cross-Site Scripting vulnerabilities have been discovered in Alkacons OpenCMS affecting version 16, which could allow a user with sufficient privileges to create and modify web pages through the admin panel, can execute malicious JavaScript code, after inserting code in the “title” field.

← Browse all CVEs View on cve.org ↗