mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
36 lines
1.4 KiB
JSON
36 lines
1.4 KiB
JSON
{
|
|
"id": "CVE-2024-26484",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2024-02-22T05:15:10.037",
|
|
"lastModified": "2024-08-02T00:15:47.527",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [
|
|
{
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"tags": [
|
|
"disputed"
|
|
]
|
|
}
|
|
],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A stored cross-site scripting (XSS) vulnerability in the Edit Content Layout module of Kirby CMS v4.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Link field. NOTE: the vendor's position is that this issue did not affect any version of Kirby CMS. The only effect was on the trykirby.com demo site, which is not customer-controlled."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en el m\u00f3dulo Edit Content Layout de Kirby CMS v4.1.0 permite a los atacantes ejecutar script web o HTML arbitrario a trav\u00e9s de un payload manipulado inyectado en el campo Enlace."
|
|
}
|
|
],
|
|
"metrics": {},
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/getkirby/demokit/commit/d4877a6715cbf6517cb04ff57798851ffbd0cd7e",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "https://shrouded-trowel-50c.notion.site/Kirby-CMS-4-1-0-Stored-Cross-Site-Scripting-153b4eb557a2488188ad8167734ca226?pvs=4",
|
|
"source": "cve@mitre.org"
|
|
}
|
|
]
|
|
} |