Cross-Site Scripting vulnerability in moziloCMS

INCIBE has coordinated the publication of a medium severity vulnerability affecting moziloCMS version 2.0, a simple and easy to use content management system (CMS) for users with little knowledge of HTML, which has been discovered by Juampa Rodríguez.

This vulnerability has been assigned the following code, CVSS v3.1 base score, CVSS vector and vulnerability type CWE:

• CVE-2024-2245: 5.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N | CWE-79.