CVE-2024-11319
CVSS 3.1 Score 4.8 of 10 (medium)
Details
Published Nov 18, 2024
Updated: Nov 21, 2024
CWE ID 79
Summary
CVE-2024-11319 is a Cross-Site Scripting (XSS) vulnerability affecting various versions of django CMS Association's django-cms product. Specifically, this issue arises from improper neutralization of user input during web page generation. Hackers can exploit this vulnerability by injecting malicious scripts into affected websites, potentially stealing user data or gaining unauthorized access. Affected versions include django-cms: 3.11.7, 3.11.8, 4.1.2, and 4.1.3. Users are strongly urged to update to a secure version to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- CMs
Affected Vendors
- Pluck -