Lucene search

MitreVULNRICHMENT:CVE-2024-33401

HistoryApr 29, 2024 - 12:00 a.m.

CVE-2024-33401

2024-04-2900:00:00

mitre

github.com

cross site scripting

dedecms

remote attacker

arbitrary code

mnum parameter

AI Score

Confidence

High

SSVC

Exploitation

poc

Automatable

Technical Impact

partial

JSON

Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote attacker to run arbitrary code via the mnum parameter.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:*"
    ],
    "vendor": "dedecms",
    "product": "dedecms",
    "versions": [
      {
        "status": "affected",
        "version": "5.7.113"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

gitee.com/zchuanwen/cve123/issues/I9I18D