CVE-2022-24587

CVE-2022-24587

EPSS 0.7%

A stored cross-site scripting (XSS) vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/Nguyen-Trung-Kien/CVE https://github.com/Nguyen-Trung-Kien/CVE/blob/main/CVE-2022-24587/CVE-2022-24587.pdf