CVE-2024-26491

2024-02-2206:15:57

[email protected]

web.nvd.nist.gov

2761

cve-2024-26491

cross-site scripting

xss

addon

jd flusity

media gallery

flusity-cms

vulnerability

5.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

A cross-site scripting (XSS) vulnerability in the Addon JD Flusity ‘Media Gallery with description’ module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field.

References

github.com/2111715623/cms/blob/main/1.md