CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-33338

Cross Site Scripting vulnerability in jizhicms v.2.5.4 allows a remote attacker to obtain sensitive information via a crafted article publication request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.6%

CVSS Severity

CVSS v3 Score 7.3

References

https://github.com/7akahash1/POC/blob/main/1.md
https://github.com/Cherry-toto/jizhicms/issues/86
https://nvd.nist.gov/vuln/detail/CVE-2023-31862
https://github.com/7akahash1/POC/blob/main/1.md
https://github.com/Cherry-toto/jizhicms/issues/86
https://nvd.nist.gov/vuln/detail/CVE-2023-31862

Products affected by CVE-2024-33338

Jizhicms » Jizhicms » Version: 2.5.4

cpe:2.3:a:jizhicms:jizhicms:2.5.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-33338

Products

Pricing

Contact Us