5 matches found
CVE-2024-50677
A cross-site scripting XSS vulnerability in OroPlatform CMS v5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search parameter...
CVE-2024-50677
creationtimestamp| type| source ---|---|--- 2024-12-06 01:09:08+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/9321 2024-12-06 16:13:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113606761912707262 2024-12-06 18:08:02+00:00| seen| https://t.me/cvedetector/12241...
CVE-2024-50677
CVE-2024-50677 describes a cross-site scripting (XSS) vulnerability in OroPlatform CMS v5.1 where an attacker can inject a crafted payload into the Search parameter to execute arbitrary web scripts or HTML. The root cause is improper handling/validation of user input in the search functionality, ...
CVE-2024-50677
A cross-site scripting XSS vulnerability in OroPlatform CMS v5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search parameter...
CVE-2024-50677
A cross-site scripting XSS vulnerability in OroPlatform CMS v5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search parameter...