CVSS 3.1 Score 5.4 of 10 (medium)


Published Jan 18, 2024
Updated: Jan 20, 2024


CVE-2024-22549 is a vulnerability that affects FlyCms 1.0, specifically in the email settings of the website settings section, making it susceptible to Cross Site Scripting (XSS) attacks. The risk score for this vulnerability is 26, indicating a medium severity level. The base score is 5.4, with low privileges required and user interaction being necessary for exploitation. The attack vector is through a network, and the impacts on integrity and confidentiality are both low. Remediation steps are not provided in the information provided. This vulnerability poses a potential danger to organizations using FlyCms 1.0 as it could allow attackers to inject malicious scripts into web pages viewed by users, leading to various security risks such as data theft or unauthorized actions on the website.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-22549 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options