Vulnerability Details CVE-2024-29271
Reflected Cross-Site Scripting (XSS) vulnerability in VvvebJs before version 1.7.7, allows remote attackers to execute arbitrary code and obtain sensitive information via the action parameter in save.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.8%
CVSS Severity
CVSS v3 Score 6.1
Products affected by CVE-2024-29271
-
cpe:2.3:a:vvveb:vvvebjs:1.0
-
cpe:2.3:a:vvveb:vvvebjs:1.1
-
cpe:2.3:a:vvveb:vvvebjs:1.2
-
cpe:2.3:a:vvveb:vvvebjs:1.2.1
-
cpe:2.3:a:vvveb:vvvebjs:1.2.2
-
cpe:2.3:a:vvveb:vvvebjs:1.3
-
cpe:2.3:a:vvveb:vvvebjs:1.4
-
cpe:2.3:a:vvveb:vvvebjs:1.4.1
-
cpe:2.3:a:vvveb:vvvebjs:1.5
-
cpe:2.3:a:vvveb:vvvebjs:1.6
-
cpe:2.3:a:vvveb:vvvebjs:1.7
-
cpe:2.3:a:vvveb:vvvebjs:1.7.1
-
cpe:2.3:a:vvveb:vvvebjs:1.7.2
-
cpe:2.3:a:vvveb:vvvebjs:1.7.3
-
cpe:2.3:a:vvveb:vvvebjs:1.7.4
-
cpe:2.3:a:vvveb:vvvebjs:1.7.5
-
cpe:2.3:a:vvveb:vvvebjs:1.7.6