CVE-2024-45965 - Contao SVG Remote Code Execution (RCE) via XSS
CVE ID : CVE-2024-45965 Published : Oct. 2, 2024, 8:15 p.m. | 59 minutes ago Description : Contao 5.4.1 allows an authenticated admin account to upload a SVG file containing malicious javascript code into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted javascript to the target. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-45965
Published : Oct. 2, 2024, 8:15 p.m. | 59 minutes ago
Description : Contao 5.4.1 allows an authenticated admin account to upload a SVG file containing malicious javascript code into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted javascript to the target.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Oct. 2, 2024, 8:15 p.m. | 59 minutes ago
Description : Contao 5.4.1 allows an authenticated admin account to upload a SVG file containing malicious javascript code into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted javascript to the target.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
