CVE-2024-45967

Name of the Vulnerable Software and Affected Versions Pagekit version 1.0.18

Description The issue is related to Cross Site Scripting (XSS) in the "index.php/admin/site/widget" endpoint. This means an attacker could potentially inject malicious scripts into the website, affecting users who visit the compromised page.

Recommendations For Pagekit version 1.0.18, as a temporary workaround, consider restricting access to the "index.php/admin/site/widget" endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.