Lucene search
MitreVULNRICHMENT:CVE-2024-40111HistoryAug 23, 2024 - 12:00 a.m.
CVE-2024-40111
2024-08-2300:00:00
mitre
github.com
2
persistent
xss
automad
flat file cms
browser execution
A persistent (stored) cross-site scripting (XSS) vulnerability has been identified in Automad 2.0.0-alpha.4. This vulnerability enables an attacker to inject malicious JavaScript code into the template body. The injected code is stored within the flat file CMS and is executed in the browser of any user visiting the forum.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:automad:automad:2.0.0-alpha.4:*:*:*:*:*:*:*"
],
"vendor": "automad",
"product": "automad",
"versions": [
{
"status": "affected",
"version": "2.0.0-alpha.4"
}
],
"defaultStatus": "unknown"
}
]Related
cvelist
cvelist
CVE-2024-40111
2024-08-23 00:00:00
nvd
nvd
CVE-2024-40111
2024-08-23 21:15:07
veracode
veracode
Cross-site Scripting (XSS)
2024-08-26 07:12:57
github
github
Automad Cross-site Scripting vulnerability
2024-08-23 21:30:42
osv
osv
Automad Cross-site Scripting vulnerability
2024-08-23 21:30:42
cve
cve
CVE-2024-40111
2024-08-23 21:15:07
AI Score
5.5
Confidence
High
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2024-40111