CVE-2024-11348

Vulnerability Description

Eura7 CMSmanager in version 4.6 and below is vulnerable to Reflected XSS attacks through manipulation of return GET request parameter sent to a specific endpoint. The vulnerability has been fixed by a patche patch 17012022 addressing all affected versions in use.

Related Weaknesses (CWE)

CWE-79

References

https://cert.pl/en/posts/2025/01/CVE-2024-11348

FAQ

What is CVE-2024-11348?

CVE-2024-11348 is a documented vulnerability. Eura7 CMSmanager in version 4.6 and below is vulnerable to Reflected XSS attacks through manipulation of return GET request parameter sent to a specific endpoint. The vulnerability has been fixed by a...

How severe is CVE-2024-11348?

CVSS scoring is not yet available for CVE-2024-11348. Check NVD for updates.

Is there a patch for CVE-2024-11348?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.