Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS01aGNyLWczMnAtaDc0Y84AA7WP
Lavalite CMS Cross Site Scripting vulnerability
Cross Site Scripting vulnerability in Lavalite CMS v.10.1.0 allows attackers to execute arbitrary code and obtain sensitive information via a crafted payload to the URL.
Permalink: https://github.com/advisories/GHSA-5hcr-g32p-h74cJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS01aGNyLWczMnAtaDc0Y84AA7WP
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 20 days ago
Updated: 17 days ago
Identifiers: GHSA-5hcr-g32p-h74c, CVE-2024-31828
References:
- https://nvd.nist.gov/vuln/detail/CVE-2024-31828
- https://jinmu1108.github.io/uncategorized/CVE-2024-31828
- https://github.com/advisories/GHSA-5hcr-g32p-h74c
Affected Packages
packagist:lavalite/cms
Dependent packages: 0Dependent repositories: 4
Downloads: 54,677 total
Affected Version Ranges: = 10.1.0
No known fixed version
All affected versions: 10.1.0