Remote Code Execution Vulnerability in MacCMS
CVE-2024-32391

7.3HIGH

Key Information:

Vendor: MacCMS
Status: Maccms
Vendor: CVE Published:; 19 April 2024

What is CVE-2024-32391?

The Cross Site Scripting vulnerability in MacCMS version 10.2024.1000.3000 allows attackers to inject malicious scripts into webpages. This can lead to unauthorized actions on behalf of users, data theft, and compromise of sensitive information. Remediation steps should be taken immediately to patch affected systems and prevent exploitation.

References

https://github.com/magicblack/maccms10/issues/1133

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 19, 2024

CVE-2024-32391 Data

JSON