CVE-2024-48624

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-48624

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-48624.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-48624

Published

2024-10-15T16:15:05.840Z

Modified

2026-04-10T05:18:21.939485Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator

Summary

[none]

Details

In segments\edit.php of DomainMOD below v4.12.0, the segid parameter in the GET request can be exploited to cause a reflected Cross Site Scripting (XSS) vulnerability.

References

https://github.com/domainmod/domainmod/issues/175

Affected packages

Git / github.com/domainmod/domainmod

Affected ranges

Type

GIT

Repo

https://github.com/domainmod/domainmod

Events

Introduced

Fixed

f14fa10a04819af994835ff2cbd5fed05a297536

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.12.0"
        }
    ]
}

Affected versions

v0.*

v0.1.0

v0.10.0

v0.11.0

v0.11.1

v0.11.2

v0.12.0

v0.13.0

v0.14.0

v0.14.1

v0.15.0

v0.15.1

v0.15.2

v0.16.0

v0.16.1

v0.17.0

v0.18.0

v0.18.1

v0.18.2

v0.18.3

v0.19.0

v0.19.1

v0.19.2

v0.19.3

v0.19.4

v0.2.0

v0.20.0

v0.20.1

v0.20.2

v0.21.0

v0.21.1

v0.21.2

v0.21.3

v0.21.4

v0.21.5

v0.21.6

v0.21.7

v0.21.8

v0.22.0

v0.22.1

v0.22.2

v0.22.3

v0.22.4

v0.22.5

v0.23.0

v0.24.0

v0.24.1

v0.24.2

v0.25.0

v0.25.1

v0.25.2

v0.26.0

v0.26.1

v0.26.2

v0.26.3

v0.26.4

v0.26.5

v0.26.6

v0.27.0

v0.27.1

v0.27.2

v0.27.3

v0.28.0

v0.29.0

v0.3.0

v0.3.1

v0.30.0

v0.30.1

v0.30.2

v0.31.0

v0.31.1

v0.31.2

v0.31.3

v0.31.4

v0.31.5

v0.32.0

v0.32.1

v0.33.0

v0.33.1

v0.33.2

v0.33.3

v0.33.4

v0.33.5

v0.33.6

v0.34.0

v0.34.1

v0.34.2

v0.35.0

v0.36.0

v0.36.1

v0.36.2

v0.36.3

v0.37.0

v0.37.1

v0.38.0

v0.39.0

v0.4.0

v0.4.1

v0.40.0

v0.40.1

v0.40.2

v0.41.0

v0.41.1

v0.41.2

v0.41.3

v0.42.0

v0.43.0

v0.44.0

v0.44.1

v0.44.2

v0.44.3

v0.44.4

v0.44.5

v0.44.6

v0.45.0

v0.45.1

v0.45.2

v0.46.0

v0.47.0

v0.48.0

v0.49.0

v0.5.0

v0.5.1

v0.5.2

v0.50.0

v0.51.0

v0.52.0

v0.53.0

v0.54.0

v0.55.0

v0.55.1

v0.55.2

v0.55.3

v0.56.0

v0.57.0

v0.57.1

v0.58.0

v0.58.1

v0.58.2

v0.59.0

v0.6.0

v0.6.1

v0.60.0

v0.60.1

v0.61.0

v0.61.1

v0.61.2

v0.62.0

v0.63.0

v0.64.0

v0.65.0

v0.66.0

v0.67.0

v0.67.1

v0.68.0

v0.69.0

v0.69.1

v0.7.0

v0.70.0

v0.70.1

v0.70.2

v0.71.0

v0.72.0

v0.73.0

v0.74.0

v0.75.0

v0.76.0

v0.77.0

v0.77.1

v0.78.0

v0.79.0

v0.8.0

v0.8.1

v0.8.2

v0.8.3

v0.80.0

v0.81.0

v0.82.0

v0.82.1

v0.82.2

v0.82.3

v0.82.4

v0.83.0

v0.84.0

v0.84.1

v0.84.2

v0.85.0

v0.85.1

v0.86.0

v0.87.0

v0.88.0

v0.89.0

v0.9.0

v0.91.0

v0.91.1

v0.91.2

v0.91.3

v0.91.4

v0.91.5

v0.92.0

v0.92.1

v0.92.2

v0.93.0

v3.*

v3.0.0

v3.0.1

v3.0.2

v3.0.3

v3.0.4

v3.0.5

v3.0.6

v3.0.7

v3.0.8

v3.0.9

v4.*

v4.00.000

v4.01.000

v4.01.001

v4.01.002

v4.01.003

v4.01.004

v4.01.005

v4.01.006

v4.01.007

v4.01.008

v4.02.000

v4.02.001

v4.03.000

v4.03.001

v4.03.002

v4.04.000

v4.04.001

v4.05.00

v4.05.01

v4.05.02

v4.05.03

v4.06.00

v4.06.01

v4.07.00

v4.08.00

v4.09.00

v4.09.01

v4.09.02

v4.09.03

v4.10.0

v4.11.0

v4.11.01

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-48624.json"