CVE-2024-7733

A vulnerability, which was classified as problematic, was found in FastCMS up to 0.1.5. Affected is an unknown function of the component New Article Category Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link Resource
https://gitee.com/xjd2020/fastcms/issues/IAI8T6 Exploit Issue Tracking Third Party Advisory
https://vuldb.com/?ctiid.274350 Permissions Required VDB Entry
https://vuldb.com/?id.274350 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:xjd2020:fastcms:*:*:*:*:*:*:*:*

History

12 Sep 2024, 16:20

Type Values Removed Values Added
References () https://gitee.com/xjd2020/fastcms/issues/IAI8T6 - () https://gitee.com/xjd2020/fastcms/issues/IAI8T6 - Exploit, Issue Tracking, Third Party Advisory
References () https://vuldb.com/?ctiid.274350 - () https://vuldb.com/?ctiid.274350 - Permissions Required, VDB Entry
References () https://vuldb.com/?id.274350 - () https://vuldb.com/?id.274350 - Third Party Advisory, VDB Entry
Summary
  • (es) Una vulnerabilidad clasificada como problemática fue encontrada en FastCMS hasta 0.1.5. Una función desconocida del componente New Article Category Page es afectada por esta función. La manipulación conduce a cross site scripting. Es posible lanzar el ataque de forma remota. El exploit ha sido divulgado al público y puede utilizarse.
First Time Xjd2020 fastcms
Xjd2020
CVSS v2 : 4.0
v3 : 3.5
v2 : 4.0
v3 : 5.4
CPE cpe:2.3:a:xjd2020:fastcms:*:*:*:*:*:*:*:*

13 Aug 2024, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-13 18:15

Updated : 2024-09-12 16:20


NVD link : CVE-2024-7733

Mitre link : CVE-2024-7733

CVE.ORG link : CVE-2024-7733


JSON object : View

Products Affected

xjd2020

  • fastcms
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')