exploitDog

CVE-2024-24061

Опубликовано: 01 фев. 2024

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sysContent/add.

Ссылки

https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#13-stored-cross-site-scripting-syscontentadd
Exploit
Third Party Advisory
https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#13-stored-cross-site-scripting-syscontentadd
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:aitangbao:springboot-manager:1.6:*:*:*:*:*:*:*

EPSS

Процентиль: 23%

0.00077

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-vx2f-5c28-4wg3

CVSS3: 5.4

github

около 2 лет назад

springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sysContent/add.

EPSS

Процентиль: 23%

0.00077

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79