Unrated severityNVD Advisory· Published Jan 7, 2025· Updated Jan 8, 2025
[20250102] - Core - XSS vector in the id attribute of menu lists
CVE-2024-40748
Description
Lack of output escaping in the id attribute of menu lists.
Affected products
1- Range: 3.0.0-3.10.19
Patches
2a214bde03d2fac793f392ed1Vulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1News mentions
0No linked articles in our index yet.