• caglararli@hotmail.com
  • 05386281520

CVE-2024-7394 | Concrete CMS up to 8.5.17/9.3.2 getAttributeSetName cross site scripting

Çağlar Arlı      -    45 Views

CVE-2024-7394 | Concrete CMS up to 8.5.17/9.3.2 getAttributeSetName cross site scripting

A vulnerability has been found in Concrete CMS up to 8.5.17/9.3.2 and classified as problematic. This vulnerability affects the function getAttributeSetName. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-7394. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.