CVE-2024-6179: XSS vulnerability in LG SuperSign CMS
Published Jun 20, 2024
·Updated
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before < 4.3.1.
Affected Software
1 affected component
LG SuperSign CMS>=4.1.3<4.3.1
Event History
Jun 20, 2024
CVE Published
via MITRE·01:53 AM
Data Sourced
via MITRE·01:53 AM
DescriptionWeakness
Data Sourced
via NVD·02:15 AM
DescriptionWeakness
Frequently Asked Questions
1
What is the severity of CVE-2024-6179?
CVE-2024-6179 is classified as a high severity vulnerability due to its potential for exploited reflected XSS attacks.
2
How do I fix CVE-2024-6179?
To fix CVE-2024-6179, upgrade SuperSign CMS to version 4.3.1 or later.
3
What type of vulnerability is CVE-2024-6179?
CVE-2024-6179 is an improper neutralization of input vulnerability leading to cross-site scripting (XSS).
4
Which versions of SuperSign CMS are affected by CVE-2024-6179?
CVE-2024-6179 affects SuperSign CMS versions from 4.1.3 before 4.3.1.
5
What are the potential impacts of CVE-2024-6179?
The potential impacts of CVE-2024-6179 include the execution of malicious scripts in users' browsers, which can compromise user data and session integrity.