Vulnerability CVE-2024-39143
Published: 2024-07-02

Description:
A stored cross-site scripting (XSS) vulnerability exists in ResidenceCMS 2.10.1 that allows a low-privilege user to create malicious property content with HTML inside which acts as a stored XSS payload.

See advisories in our WLB2 database:
Topic
Author
Date
Low
ResidenceCMS 2.10.1 Cross Site Scripting
Jeremia Geraldi ...
09.07.2024

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://github.com/Coderberg/ResidenceCMS/issues/128
Copyright 2024, cxsecurity.com

 

Back to Top