exploitDog

CVE-2024-11587

Опубликовано: 21 нояб. 2024

Источник: nvd

CVSS3: 3.5

CVSS3: 6.1

CVSS2: 4

EPSS Низкий

Описание

A vulnerability was found in idcCMS 1.60. It has been classified as problematic. This affects the function GetCityOptionJs of the file /inc/classProvCity.php. The manipulation of the argument idName leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Ссылки

https://github.com/Hebing123/cve/issues/75
Exploit
Issue Tracking
Third Party Advisory
https://vuldb.com/?ctiid.285657
Permissions Required
https://vuldb.com/?id.285657
Third Party Advisory
https://vuldb.com/?submit.442071
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:idccms:idccms:1.60:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00808

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-79

CWE-79

EPSS

Процентиль: 74%

0.00808

Низкий

3.5 Low

CVSS3

6.1 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-79

CWE-79