With access to edit a Mautic form, the attacker can add Cross-Site Scripting stored in the html filed. This could be used to steal sensitive information from the user's current session.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Sep 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | With access to edit a Mautic form, the attacker can add Cross-Site Scripting stored in the html filed. This could be used to steal sensitive information from the user's current session. | |
Title | Cross-site Scripting (XSS) - stored (edit form HTML field) | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: Mautic
Published: 2024-09-18T21:00:28.950Z
Updated: 2024-09-19T15:42:11.246Z
Reserved: 2024-09-17T13:41:00.585Z
Link: CVE-2024-47058
Vulnrichment
No data.
NVD
Status : Received
Published: 2024-09-18T21:15:13.923
Modified: 2024-09-18T21:15:13.923
Link: CVE-2024-47058
Redhat
No data.