CVE-2024-57605

Cross Site Scripting vulnerability in Daylight Studio Fuel CMS v.1.5.2 allows an attacker to escalate privileges via the /fuel/blocks/ and /fuel/pages components.

Published: Feb 12, 2025
Updated: Jul 10, 2025
CVE: CVE-2024-57605
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
thedaylightstudio / fuel_cms	1.5.2	1.5.2.x

https://hkohi.ca/vulnerability/3

Vulnerability Database

CVE-2024-57605