Cross-site Scripting (XSS) Vulnerability in Stockholm Core
CVE-2024-34553
6.1MEDIUM
What is CVE-2024-34553?
An improper neutralization of input during webpage generation has been identified in the Stockholm Core developed by Select-Themes, leading to a reflected Cross-Site Scripting (XSS) vulnerability. This security flaw permits attackers to inject malicious scripts into web pages viewed by users, potentially compromising their session or redirecting them to malicious sites. Users of Stockholm Core versions from n/a through 2.4.1 are encouraged to apply security patches and updates promptly to mitigate the risks associated with this vulnerability.
Affected Version(s)
Stockholm Core <= 2.4.1