ADVISORIES

• CVE-2024-48652 (NVD)
• GHSA-hhxg-rvc9-8726
• Vendor Advisory

GEM

camaleon_cms

SEVERITY

CVSS v3.x: 4.8 (Medium)

PATCHED VERSIONS

None.

DESCRIPTION

Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows remote attacker to execute arbitrary code via the content group name field.

RELATED

• https://nvd.nist.gov/vuln/detail/CVE-2024-48652
• https://github.com/paragbagul111/CVE-2024-48652
• https://github.com/advisories/GHSA-hhxg-rvc9-8726