CVE-2024-29392

Name of the Vulnerable Software and Affected Versions Silverpeas Core version 6.3

Description The issue is related to Cross Site Scripting (XSS) via the ClipboardSessionController. This means an attacker could potentially inject malicious scripts into the website, affecting users' sessions.

Recommendations For Silverpeas Core version 6.3, as a temporary workaround, consider disabling the ClipboardSessionController function until a patch is available. Restrict access to the vulnerable controller to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.