| |
Vulnerability CVE-2024-45962
Published: 2024-10-02
| Description: |
October 3.6.30 allows an authenticated admin account to upload a PDF file containing malicious JavaScript into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted JavaScript to the target. |
References: |
https://grimthereaperteam.medium.com/october-cms-3-6-30-stored-xss-ddf2be7a226e
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
