Skycaiji: >> Skycaiji >> 2.8 Security Vulnerabilities
Cross Site Scripting (XSS) vulnerability in skycaiji 2.8 allows attackers to run arbitrary code via /admin/tool/preview.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-06-26
A cross-site scripting (XSS) vulnerability in skycaiji v2.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload using eval(String.fromCharCode()).
CVSS Score
6.1
EPSS Score
0.002
Published
2024-06-26
An issue discovered in skycaiji 2.8 allows attackers to run arbitrary code via crafted POST request to /index.php?s=/admin/develop/editor_save.
CVSS Score
9.8
EPSS Score
0.002
Published
2024-06-26
A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Task Handler. The manipulation of the argument onerror leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269419.
CVSS Score
2.4
EPSS Score
0.001
Published
2024-06-22