Medium severity6.1NVD Advisory· Published Jul 20, 2024· Updated Jun 17, 2026
CVE-2024-40347
CVE-2024-40347
Description
A reflected cross-site scripting (XSS) vulnerability in Hyland Alfresco Platform 23.2.1-r96 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload into the parameter htmlid.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 23.2.1-r96
Patches
Vulnerability mechanics
References
1- github.com/4rdr/proofs/blob/main/info/Alfresco_Reflected_XSS_via_htmlid_parameter.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.