CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-24115

A stored cross-site scripting (XSS) vulnerability in the Edit Page function of Cotonti CMS v0.9.24 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.8%

CVSS Severity

CVSS v3 Score 5.4

References

https://mechaneus.github.io/CVE-2024-24115.html
https://mechaneus.github.io/CVE-2024-24115.html

Products affected by CVE-2024-24115

Cotonti » Siena » Version: 0.9.24

cpe:2.3:a:cotonti:siena:0.9.24

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-24115

Products

Pricing

Contact Us