CVE-2024-7077 MEDIUM

CVE-2024-7077: Reflected XSS in Semtek Informatics Software's Semtek Sempos

Vendor Semtek Informatics Software Consulting Inc.
Product Semtek Sempos
Weakness CWE-79 · XSS
Published September 4, 2024
Last update June 3, 2026
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

What the vulnerability does

01Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Semtek Informatics Software Consulting Inc. Semtek Sempos allows Reflected XSS. This issue affects Semtek Sempos: through 31072024.

Key dates

02Disclosure timeline

September 4, 2024 CVE published
June 3, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-31574 WordPress Custom Content Scrollbar plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability CVE-2024-56410 PhpSpreadsheet has Cross-Site Scripting (XSS) vulnerability in custom properties CVE-2024-10676 WordPress Conversion Helper plugin <= 1.12 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2021-24722 Restaurant Menu by MotoPress < 2.4.2 - Admin+ Stored Cross Site Scripting CVE-2022-4105 Cross-site Scripting (XSS) - Stored in kiwitcms/kiwi