216.73.216.75

CVE-2024-33424

· Published 01/05/2024 19:15 · Modified 01/05/2024 19:50

Labels: CVE-2024-33424 2024-05-01CVE-2024-33424[email protected]

Essential information

Published
01/05/2024 19:15
Modified
01/05/2024 19:50
Author
Creator
CISA KEV
No
CWE

Description

A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Downloads parameter under the Language section.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

References