CVE-2024-26521 Information

Description

HTML Injection vulnerability in CE Phoenix v1.0.8.20 and before allows a remote attacker to execute arbitrary code escalate privileges and obtain sensitive information via a crafted payload to the english.php component.

Reference

https://github.com/capture0x/Phoenix https://github.com/hackervegas001/CVE-2024-26521