Medium severityNVD Advisory· Published Dec 11, 2025· Updated Apr 15, 2026
CVE-2024-58296
CVE-2024-58296
Description
CE Phoenix v3.0.1 contains a stored cross-site scripting vulnerability in the currencies administration panel that allows attackers to inject malicious scripts. Attackers can insert XSS payloads in the title field to execute arbitrary JavaScript when administrators view the currencies page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 3.0.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.