216.73.217.98

CVE-2024-5737

· Published 28/06/2024 12:15 · Modified 28/06/2024 13:38

Labels: CVE-2024-5737 2024-06-28CVE-2024-5737CWE-79[email protected]

Essential information

Published
28/06/2024 12:15
Modified
28/06/2024 13:38
Author
Creator
CISA KEV
No
CWE

Description

Script afGdStream.php in AdmirorFrames Joomla! extension doesn’t specify a content type and as a result default (text/html) is used. An attacker may embed HTML tags directly in image data which is rendered by a webpage as HTML. This issue affects AdmirorFrames: before 5.0.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

References