VYPR
Moderate severityNVD Advisory· Published Feb 29, 2024· Updated Aug 1, 2024

Cross-Site Scripting vulnerability in Cockpit CMS

CVE-2024-2001

Description

A Cross-Site Scripting vulnerability in Cockpit CMS affecting version 2.7.0. This vulnerability could allow an authenticated user to upload an infected PDF file and store a malicious JavaScript payload to be executed when the file is uploaded.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.