2 matches found
CVE-2024-39143
CVE-2024-39143 describes a stored cross-site scripting (XSS) vulnerability in ResidenceCMS 2.10.1. A low-privilege user can save malicious HTML in a property content field, which is then stored and rendered on secondary views, potentially triggering payloads (including when visited by an administ...
PT-2024-28361 · Unknown · Residencecms
Name of the Vulnerable Software and Affected Versions: ResidenceCMS version 2.10.1 Description: A stored cross-site scripting XSS issue exists, allowing a low-privilege user to create malicious property content with HTML inside, which acts as a stored XSS payload. Recommendations: For ResidenceCM...