How severe is CVE-2024-32746?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.6 out of 10.

What type of vulnerability is CVE-2024-32746?

This is classified as CWE-80, which is a common weakness in software security.

CVE-2024-32746

MEDIUM Year: 2024

CVSS v3 Score

4.6

Medium

Weakness Type

CWE-80

View all →

Vulnerability Description

A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module.

CVE-2023-47663

MEDIUM

CVSS:4.6(Medium)

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Menno Luitjes Foyer allows Code Injection.This issue affects Foyer: from n/a through 1.7.5.

CWE-802023

CVE-2024-50344

MEDIUM

CVSS:4.6(Medium)

I, Librarian is an open-source version of a PDF managing SaaS. Supplemental Files are allowed to be viewed in the browser, only if they have a white-listed MIME type. Unfortunately, this logic is brok...

CWE-802024

CVE-2025-29426

MEDIUM

CVSS:4.6(Medium)

Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable to Cross Site Scripting (XSS) in /pages/class.php via the id and cys parameters.

CWE-802025

CVE-2021-1420

MEDIUM

CVSS:4.7(Medium)

A vulnerability in certain web pages of Cisco Webex Meetings could allow an unauthenticated, remote attacker to modify a web page in the context of a user's browser. The vulnerability is due to improp...

CWE-802021

CVE-2023-24496

MEDIUM

CVSS:4.7(Medium)

Cross-site scripting (xss) vulnerabilities exist in the requestHandlers.js detail_device functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code i...

CWE-802023