Cross Site Scripting Vulnerability in Pagekit CMS by Pagekit
CVE-2024-45967

4.7MEDIUM

Key Information:

Vendor: Pagekit
Status: Pagekit CMS
Vendor: CVE Published:; 1 October 2024

What is CVE-2024-45967?

Pagekit CMS version 1.0.18 is susceptible to a Cross Site Scripting vulnerability located in the index.php/admin/site/widget component. This flaw allows an attacker to inject malicious scripts into pages viewed by users, potentially compromising security and user data. It is crucial for organizations using this version of Pagekit to apply appropriate security measures and updates to mitigate this risk. For further details, please visit the reference link provided.

References

https://github.com/yingning620/test123/blob/main/Pagekit%...

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2024
Vulnerability Reserved
Sep 11, 2024

CVE-2024-45967 Data

JSON