CVE-2024-13137

Medium CVSS: 5.1

A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Vendor

Wangl1989

Product

Mysiteforme

CWE

CWE-79

Yayın Tarihi

2025-01-05 10:15:06

Güncelleme

2025-01-10 21:01:53

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-79 Mysiteforme MEDIUM Wangl1989 2025

Referanslar

https://github.com/wangl1989/mysiteforme/issues/54 https://github.com/wangl1989/mysiteforme/issues/54#issue-2757765372 https://vuldb.com/?ctiid.290211 https://vuldb.com/?id.290211 https://vuldb.com/?submit.468473

Benzer Kayıtlar

Critical

CVE-2025-26136

A SQL injection vulnerability exists in mysiteforme versions prior to 2025.01.1.

Critical

CVE-2024-57763

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table…

Critical

CVE-2024-57764

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table…

High

CVE-2024-57765

MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the s_name parameter at table/list.

Critical

CVE-2024-57766

MSFM before 2025.01.01 was discovered to contain a fastjson deserialization vulnerability via the component system/table…

High

CVE-2024-57767

MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /file/download.