CVE-2024-45406 | SynScan

Vulnerability Database

289,496

Total vulnerabilities in the database

CVE-2024-45406

Craft is a content management system (CMS). Craft CMS 5 stored XSS can be triggered by the breadcrumb list and title fields with user input.

Published: Sep 9, 2024
Updated: May 4, 2025
CVE: CVE-2024-45406
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.8
AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
craftcms / craft_cms	5.0.0	5.1.2