CVE-2024-6178: XSS vulnerability in LG SuperSign CMS

Q: What is the severity of CVE-2024-6178?

CVE-2024-6178 is classified as a medium severity vulnerability due to its potential for exploitation via reflected XSS.

Q: How do I fix CVE-2024-6178?

To fix CVE-2024-6178, upgrade your LG SuperSign CMS to version 4.3.1 or later.

Q: Who is affected by CVE-2024-6178?

CVE-2024-6178 affects all versions of LG SuperSign CMS from 4.1.3 up to, but not including, 4.3.1.

Q: What type of vulnerability is CVE-2024-6178?

CVE-2024-6178 is an improper neutralization of input during web page generation vulnerability leading to reflected Cross-Site Scripting (XSS).

Q: When was CVE-2024-6178 reported?

CVE-2024-6178 was reported in 2024, highlighting security concerns in specific versions of LG SuperSign CMS.

Published Jun 20, 2024

Updated

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.

Affected Software

1 affected component

LG SuperSign CMS>=4.1.3<4.3.1

Event History

Jun 20, 2024

CVE Published

via MITRE·01:51 AM

Data Sourced

via MITRE·01:51 AM

DescriptionWeakness

Data Sourced

via NVD·02:15 AM

DescriptionWeakness

Frequently Asked Questions

What is the severity of CVE-2024-6178?

CVE-2024-6178 is classified as a medium severity vulnerability due to its potential for exploitation via reflected XSS.

How do I fix CVE-2024-6178?

To fix CVE-2024-6178, upgrade your LG SuperSign CMS to version 4.3.1 or later.

Who is affected by CVE-2024-6178?

CVE-2024-6178 affects all versions of LG SuperSign CMS from 4.1.3 up to, but not including, 4.3.1.

What type of vulnerability is CVE-2024-6178?

CVE-2024-6178 is an improper neutralization of input during web page generation vulnerability leading to reflected Cross-Site Scripting (XSS).

When was CVE-2024-6178 reported?

CVE-2024-6178 was reported in 2024, highlighting security concerns in specific versions of LG SuperSign CMS.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.