CVE-2024-47356

MEDIUM Year: 2024
CVSS v3 Score
5.1
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Catch Themes Create allows Stored XSS.This issue affects Create: from n/a through 2.9.1.

Related Vulnerabilities

CVE-2022-4647

MEDIUM
CVSS:5.1(Medium)

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3.2.

CWE-792022

CVE-2023-1270

MEDIUM
CVSS:5.1(Medium)

Cross-site Scripting in GitHub repository btcpayserver/btcpayserver prior to 1.8.3.

CWE-792023

CVE-2023-1704

MEDIUM
CVSS:5.1(Medium)

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.20.

CWE-792023

CVE-2024-3977

MEDIUM
CVSS:5.1(Medium)

The WordPress Jitsi Shortcode WordPress plugin through 0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scriptin...

CWE-792024

CVE-2024-44010

MEDIUM
CVSS:5.1(Medium)

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Catch Themes Full frame allows Stored XSS.This issue affects Full frame: from n/a through 2...

CWE-792024

CVE-2024-47313

MEDIUM
CVSS:5.1(Medium)

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Catch Themes Catch Base allows Stored XSS.This issue affects Catch Base: from n/a through 3...

CWE-792024