CVE-2024-48623

Source
https://cve.org/CVERecord?id=CVE-2024-48623
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-48623.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-48623
Published
2024-10-15T16:15:05.767Z
Modified
2026-04-10T05:18:21.902493Z
Severity
  • 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
[none]
Details

In queue\index.php of DomainMOD below v4.12.0, the listid and domainid parameters in the GET request can be exploited to cause a reflected Cross Site Scripting (XSS).

References

Affected packages

Git / github.com/domainmod/domainmod

Affected ranges

Type
GIT
Repo
https://github.com/domainmod/domainmod
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.12.0"
        }
    ]
}

Affected versions

v0.*
v0.1.0
v0.10.0
v0.11.0
v0.11.1
v0.11.2
v0.12.0
v0.13.0
v0.14.0
v0.14.1
v0.15.0
v0.15.1
v0.15.2
v0.16.0
v0.16.1
v0.17.0
v0.18.0
v0.18.1
v0.18.2
v0.18.3
v0.19.0
v0.19.1
v0.19.2
v0.19.3
v0.19.4
v0.2.0
v0.20.0
v0.20.1
v0.20.2
v0.21.0
v0.21.1
v0.21.2
v0.21.3
v0.21.4
v0.21.5
v0.21.6
v0.21.7
v0.21.8
v0.22.0
v0.22.1
v0.22.2
v0.22.3
v0.22.4
v0.22.5
v0.23.0
v0.24.0
v0.24.1
v0.24.2
v0.25.0
v0.25.1
v0.25.2
v0.26.0
v0.26.1
v0.26.2
v0.26.3
v0.26.4
v0.26.5
v0.26.6
v0.27.0
v0.27.1
v0.27.2
v0.27.3
v0.28.0
v0.29.0
v0.3.0
v0.3.1
v0.30.0
v0.30.1
v0.30.2
v0.31.0
v0.31.1
v0.31.2
v0.31.3
v0.31.4
v0.31.5
v0.32.0
v0.32.1
v0.33.0
v0.33.1
v0.33.2
v0.33.3
v0.33.4
v0.33.5
v0.33.6
v0.34.0
v0.34.1
v0.34.2
v0.35.0
v0.36.0
v0.36.1
v0.36.2
v0.36.3
v0.37.0
v0.37.1
v0.38.0
v0.39.0
v0.4.0
v0.4.1
v0.40.0
v0.40.1
v0.40.2
v0.41.0
v0.41.1
v0.41.2
v0.41.3
v0.42.0
v0.43.0
v0.44.0
v0.44.1
v0.44.2
v0.44.3
v0.44.4
v0.44.5
v0.44.6
v0.45.0
v0.45.1
v0.45.2
v0.46.0
v0.47.0
v0.48.0
v0.49.0
v0.5.0
v0.5.1
v0.5.2
v0.50.0
v0.51.0
v0.52.0
v0.53.0
v0.54.0
v0.55.0
v0.55.1
v0.55.2
v0.55.3
v0.56.0
v0.57.0
v0.57.1
v0.58.0
v0.58.1
v0.58.2
v0.59.0
v0.6.0
v0.6.1
v0.60.0
v0.60.1
v0.61.0
v0.61.1
v0.61.2
v0.62.0
v0.63.0
v0.64.0
v0.65.0
v0.66.0
v0.67.0
v0.67.1
v0.68.0
v0.69.0
v0.69.1
v0.7.0
v0.70.0
v0.70.1
v0.70.2
v0.71.0
v0.72.0
v0.73.0
v0.74.0
v0.75.0
v0.76.0
v0.77.0
v0.77.1
v0.78.0
v0.79.0
v0.8.0
v0.8.1
v0.8.2
v0.8.3
v0.80.0
v0.81.0
v0.82.0
v0.82.1
v0.82.2
v0.82.3
v0.82.4
v0.83.0
v0.84.0
v0.84.1
v0.84.2
v0.85.0
v0.85.1
v0.86.0
v0.87.0
v0.88.0
v0.89.0
v0.9.0
v0.91.0
v0.91.1
v0.91.2
v0.91.3
v0.91.4
v0.91.5
v0.92.0
v0.92.1
v0.92.2
v0.93.0
v3.*
v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.0.7
v3.0.8
v3.0.9
v4.*
v4.00.000
v4.01.000
v4.01.001
v4.01.002
v4.01.003
v4.01.004
v4.01.005
v4.01.006
v4.01.007
v4.01.008
v4.02.000
v4.02.001
v4.03.000
v4.03.001
v4.03.002
v4.04.000
v4.04.001
v4.05.00
v4.05.01
v4.05.02
v4.05.03
v4.06.00
v4.06.01
v4.07.00
v4.08.00
v4.09.00
v4.09.01
v4.09.02
v4.09.03
v4.10.0
v4.11.0
v4.11.01

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-48623.json"