Metrics
Affected Vendors & Products
Tue, 10 Dec 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:* |
Thu, 05 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dedecms
Dedecms dedecms |
|
CPEs | cpe:2.3:a:dedecms:dedecms:5.7.116:*:*:*:*:*:*:* | |
Vendors & Products |
Dedecms
Dedecms dedecms |
|
Metrics |
ssvc
|
Wed, 04 Dec 2024 23:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability, which was classified as problematic, was found in DedeCMS 5.7.116. This affects the function RemoveXSS of the file /plus/carbuyaction.php of the component HTTP POST Request Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |
Title | DedeCMS HTTP POST Request carbuyaction.php RemoveXSS cross site scripting | |
Weaknesses | CWE-79 CWE-94 |
|
References |
| |
Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2024-12-04T23:00:13.891Z
Updated: 2024-12-05T15:04:56.839Z
Reserved: 2024-12-04T16:30:54.853Z
Link: CVE-2024-12183
Updated: 2024-12-05T15:04:45.803Z
Status : Analyzed
Published: 2024-12-04T23:15:05.760
Modified: 2024-12-10T16:05:39.010
Link: CVE-2024-12183
No data.