CVE-2024-27757

2024-03-1804:15:09

[email protected]

web.nvd.nist.gov

cve-2024-27757

flusity cms

xss

vulnerability

nvd

6.9 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

flusity CMS through 2.45 allows tools/addons_model.php Gallery Name XSS. The reporter indicates that this product “ceased its development as of February 2024.”

References

github.com/jubilianite/flusity-CMS/security/advisories/GHSA-5843-5m74-7fqh