exploitDog

CVE-2024-24062

Опубликовано: 01 фев. 2024

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/role.

Ссылки

https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#12-stored-cross-site-scripting-sysrole
Exploit
Third Party Advisory
https://github.com/By-Yexing/Vulnerability_JAVA/blob/main/2024/springboot-manager.md#12-stored-cross-site-scripting-sysrole
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:aitangbao:springboot-manager:1.6:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00096

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-76q5-rvjr-8vhj

CVSS3: 5.4

github

около 2 лет назад

springboot-manager v1.6 is vulnerable to Cross Site Scripting (XSS) via /sys/role.

EPSS

Процентиль: 27%

0.00096

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79