The vulnerability has been fixed by a patche patch 17012022 addressing all affected versions in use.
Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2024-34394 | Eura7 CMSmanager in version 4.6 and below is vulnerable to Reflected XSS attacks through manipulation of return GET request parameter sent to a specific endpoint. The vulnerability has been fixed by a patche patch 17012022 addressing all affected versions in use. |
| Link | Providers |
|---|---|
| https://cert.pl/en/posts/2025/01/CVE-2024-11348 |
|
Mon, 27 Jan 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 27 Jan 2025 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Eura7 CMSmanager in version 4.6 and below is vulnerable to Reflected XSS attacks through manipulation of return GET request parameter sent to a specific endpoint. The vulnerability has been fixed by a patche patch 17012022 addressing all affected versions in use. | |
| Title | Reflected XSS in Eura7 CMSmanager | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV4_0
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: CERT-PL
Published:
Updated: 2025-01-27T19:36:28.619Z
Reserved: 2024-11-18T16:29:41.145Z
Link: CVE-2024-11348
Updated: 2025-01-27T19:36:24.373Z
Status : Deferred
Published: 2025-01-27T14:15:27.973
Modified: 2026-06-17T06:57:35.503
Link: CVE-2024-11348
No data.
OpenCVE Enrichment
No data.
EUVD