Moderate severityNVD Advisory· Published Feb 22, 2024· Updated Aug 14, 2024
CVE-2024-26481
CVE-2024-26481
Description
Kirby CMS v4.1.0 was discovered to contain a reflected self-XSS vulnerability via the URL parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
getkirby/cmsPackagist | < 3.6.6.5 | 3.6.6.5 |
getkirby/cmsPackagist | >= 3.7.0, < 3.7.5.4 | 3.7.5.4 |
getkirby/cmsPackagist | >= 3.8.0, < 3.8.4.3 | 3.8.4.3 |
getkirby/cmsPackagist | >= 3.9.0, < 3.9.8.1 | 3.9.8.1 |
getkirby/cmsPackagist | >= 3.10.0, < 3.10.0.1 | 3.10.0.1 |
getkirby/cmsPackagist | >= 4.0.0, < 4.1.1 | 4.1.1 |
Affected products
2- Kirby/CMSdescription
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.