exploitDog

CVE-2024-39143

Опубликовано: 02 июл. 2024

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

A stored cross-site scripting (XSS) vulnerability exists in ResidenceCMS 2.10.1 that allows a low-privilege user to create malicious property content with HTML inside which acts as a stored XSS payload.

Ссылки

https://github.com/Coderberg/ResidenceCMS/issues/128
Exploit
Issue Tracking
Patch
https://github.com/Coderberg/ResidenceCMS/issues/128
Exploit
Issue Tracking
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:coderberg:residencecms:2.10.1:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00377

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-3h7x-5mvc-5r6p

CVSS3: 5.4

github

больше 1 года назад

A stored cross-site scripting (XSS) vulnerability exists in ResidenceCMS 2.10.1 that allows a low-privilege user to create malicious property content with HTML inside which acts as a stored XSS payload.

EPSS

Процентиль: 59%

0.00377

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

CWE-79