CVE-2024-11488

Name of the Vulnerable Software and Affected Versions 115cms versions up to 20240807

Description A vulnerability was found in the processing of the file /app/admin/view/web user.html, where the manipulation of the argument ks leads to cross-site scripting. The attack may be initiated remotely.

Recommendations For versions up to 20240807, as a temporary workaround, consider restricting access to the file /app/admin/view/web user.html and avoid using the argument ks until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.