cve/CVE-2024-33326.md at a8969e132322a214e7b78da5711159d6f891f0ab

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-06-19 17:30:12 +00:00

0xMarcio d6bcaa53f2 Update CVE sources 2024-07-25 21:25

2024-07-25 21:25:12 +00:00

Description

A cross-site scripting (XSS) vulnerability in the component XsltResultControllerHtml.jsp of Lumisxp v15.0.x to v16.1.x allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the lumPageID parameter.

POC

Reference

http://seclists.org/fulldisclosure/2024/Jul/10

Github

No PoCs found on GitHub currently.

706 B Raw Blame History

CVE-2024-33326

Description

POC

Reference

Github

706 B

Raw Blame History