Stored Cross-Site Scripting in Alkacon OpenCMS by Alkacon Software
CVE-2024-41447

Currently unrated

Key Information:

Vendor: Alkacon Software
Status: Alkacon OpenCMS
Vendor: CVE Published:; 18 April 2025

🔔 Create Alkacon Software Vulnerability Alert

What is CVE-2024-41447?

A stored cross-site scripting (XSS) vulnerability has been identified in Alkacon OpenCMS version 17.0, which allows attackers to inject arbitrary web scripts or HTML into the application. This vulnerability occurs through the author parameter within the Create/Modify article function, enabling the execution of malicious payloads that can compromise the security of affected systems and the integrity of user interactions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.exploit-db.com/exploits/52209

Timeline

Vulnerability published
Apr 18, 2025

JSON

Alkacon Software

What is CVE-2024-41447?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.