CVE-2024-29644

Опубликовано: 26 мар. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box.

Ссылки

http://dcat-admin.com
Product
https://github.com/jqhph/dcat-admin
Product
https://www.yuque.com/yangtu-swjrh/oc6nqi/epcbz5y1grl4il1m
Exploit
Third Party Advisory
http://dcat-admin.com
Product
https://github.com/jqhph/dcat-admin
Product
https://www.yuque.com/yangtu-swjrh/oc6nqi/epcbz5y1grl4il1m
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dcatadmin:dcat_admin:*:*:*:*:*:*:*:*

Версия до 1.7.9 (включая)

cpe:2.3:a:dcatadmin:dcat_admin:2.0.0:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.1:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.2:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.3:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.4:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.5:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.6:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.7:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.8:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.9:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.10:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.11:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.12:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.13:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.14:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.15:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.16:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.17:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.18:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.19:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.20:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.21:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.22:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.23:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.0.24:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.1.0:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.1.1:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.1.2:beta:*:*:*:*:*:*

cpe:2.3:a:dcatadmin:dcat_admin:2.1.3:beta:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00699

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-mr24-cf69-5chq