GHSA-5hcr-g32p-h74c

Source

https://github.com/advisories/GHSA-5hcr-g32p-h74c

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/04/GHSA-5hcr-g32p-h74c/GHSA-5hcr-g32p-h74c.json

Aliases

• CVE-2024-31828

Published

2024-04-27T00:30:37Z

Modified

2024-04-30T08:42:02.649063Z

Summary

Lavalite CMS Cross Site Scripting vulnerability

Details

Cross Site Scripting vulnerability in Lavalite CMS v.10.1.0 allows attackers to execute arbitrary code and obtain sensitive information via a crafted payload to the URL.

References

• https://nvd.nist.gov/vuln/detail/CVE-2024-31828
• https://github.com/LavaLite/cms
• https://jinmu1108.github.io/uncategorized/CVE-2024-31828