Skip to content

Commit

Permalink
GHSA SYNC: 1 brand new advisory
Browse files Browse the repository at this point in the history
  • Loading branch information
@jasnow @postmodern
jasnow authored and postmodern committed Oct 24, 2024
1 parent 3986f1d commit c105c3f
Showing 1 changed file with 21 additions and 0 deletions.
21 changes: 21 additions & 0 deletions gems/camaleon_cms/CVE-2024-48652.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
---
gem: camaleon_cms
cve: 2024-48652
ghsa: hhxg-rvc9-8726
url: https://github.com/paragbagul111/CVE-2024-48652
title: camaleon_cms affected by cross site scripting
date: 2024-10-23
description: |
Cross Site Scripting vulnerability in camaleon-cms v.2.7.5 allows
remote attacker to execute arbitrary code via the content group
name field.
cvss_v3: 4.8
notes: |
Never patched
Unclear if versions 2.8.0 to 2.8.3 patch this vulnerability.
related:
url:
- https://nvd.nist.gov/vuln/detail/CVE-2024-48652
- https://github.com/paragbagul111/CVE-2024-48652
- https://github.com/advisories/GHSA-hhxg-rvc9-8726

0 comments on commit c105c3f

Please sign in to comment.