2111715623

3 exploits Active since Feb 2024
CVE-2024-26489 WRITEUP MEDIUM WRITEUP
flusity-CMS 2.33 - Stored Cross-Site Scripting via Profile Name Text Field
A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Social block links' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Profile Name text field.
CVSS 6.1
CVE-2024-26490 WRITEUP MEDIUM WRITEUP
flusity-CMS 2.33 - Stored Cross-Site Scripting via Addon JD Simple Title Field
A cross-site scripting (XSS) vulnerability in the Addon JD Simple module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title text field.
CVSS 5.4
CVE-2024-26491 WRITEUP MEDIUM WRITEUP
flusity-CMS 2.33 - Stored Cross-Site Scripting via Gallery Name Text Field
A cross-site scripting (XSS) vulnerability in the Addon JD Flusity 'Media Gallery with description' module of flusity-CMS v2.33 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Gallery name text field.
CVSS 6.1