CVE-2024-58344 — Cross-Site Scripting (XSS)

April 22, 2026 19:16 /MEDIUM /CVSS 6.4/10

Written by SCW Vulnerability Desk Vulnerability Intelligence

National Vulnerability Database vulnerabilitycvemedium-severitycross-site-scripting-xsscwe-79

CVE-2024-58344 — Cross-Site Scripting (XSS)

CVE-2024-58344 — Carbon Forum 5.9.0 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript code through the Forum Name field in dashboard settings. Attackers with admin privileges can store JavaScript payloads in the Forum Nam

What This Means For You

If your environment is affected by CWE-79, review your exposure and prioritize patching based on your environment. Monitor vendor advisories for CVE-2024-58344 updates and patches.

Indicators of Compromise

ID	Type	Indicator
CVE-2024-58344	vulnerability	CVE-2024-58344
CWE-79	weakness	CWE-79

Written by SCW Vulnerability Desk

🔎

Turn this CVE into SIEM detection coverage Generate detection rules for Splunk, Sentinel, QRadar & Elastic — straight from this vulnerability. Use /detect in the Intel Bot.

Open Intel Bot →

Source & Attribution

Source Platform	NVD
Channel	National Vulnerability Database
Published	April 22, 2026 at 19:16 UTC

This content was curated and summarized by Shimi's Cyber World for informational purposes. It is not copied or republished in full. All intellectual property rights remain with the original author and source.

Believe this infringes your rights? Submit a takedown request.

What This Means For You

Indicators of Compromise

Related Posts

GitLab XSS Flaw: Unauthenticated JavaScript Execution Risk

GitLab Vulnerability Exposes Sensitive Tokens in Storybook

GitLab CSRF Flaw Exposes Authenticated Users to Unauthenticated Attacks