CVE-2024-3800
Severity:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
28/06/2024
Last modified:
28/06/2024
Description
Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to Reflected XSS via including scripts in requested file names. <br />
Only a part of observed services is vulnerable, but since vendor has not investigated the root problem, it is hard to determine when the issue appears.