CVE-2024-8144

Name of the Vulnerable Software and Affected Versions: ClassCMS version 4.8

Description: A vulnerability was found in ClassCMS, affecting an unknown functionality of the file /index.php/admin of the component Logo Handler. The manipulation leads to cross site scripting. The attack can be launched remotely.

Recommendations: As a temporary workaround, consider disabling access to the /index.php/admin file of the Logo Handler component until a patch is available. Restrict access to the Logo Handler component to minimize the risk of exploitation. Monitor for updates and apply patches as soon as they are released.