cvedb.io
CVE-2024-8572
LOW · CVSS 3.5
EPSS exploitation probability: 0%
Published 2024-09-08T08:15:13.443 · Last modified 2026-06-17T08:22:53.110

Summary

A vulnerability was found in Gouniverse GoLang CMS 1.4.0. It has been declared as problematic. This vulnerability affects the function PageRenderHtmlByAlias of the file FrontendHandler.go. The manipulation of the argument alias leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.1 is able to address this issue. The patch is identified as 3e661cdfb4beeb9fe2ad507cdb8104c0b17d072c. It is recommended to upgrade the affected component.

Affected products

gouniverse — golang_cms

Does this affect you?

Add your gear to cvedb and we'll alert you only when gouniverse ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.