Lucene search
China National Vulnerability DatabaseCNVD-2022-56137HistoryJul 08, 2022 - 12:00 a.m.
PESCMS cross-site scripting vulnerability
2022-07-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
17
pescms
cross-site scripting
version v2.3.3
content publishing platform
data validation
report.php
javascript code
client side
cnvd
EPSS
0.001
Percentile
34.5%
A cross-site scripting vulnerability exists in PESCMS version V2.3.3, a content publishing platform. The vulnerability stems from App/Team/GET/Report.php missing a data validation filter for user-supplied data and output. An attacker could exploit the vulnerability to execute JavaScript code on the client side.
Related
osv
osv
CVE-2021-31676
2022-07-06 13:15:08
nvd
nvd
CVE-2021-31676
2022-07-06 13:15:08
cve
cve
CVE-2021-31676
2022-07-06 13:15:08
prion
prion
Cross site request forgery (csrf)
2022-07-06 13:15:00
cvelist
cvelist
CVE-2021-31676
2022-07-06 12:16:10