CVE-2024-13196

Medium CVSS: 5.3

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been declared as problematic. This vulnerability affects the function BookSearchList of the file src/main/java/org/zdd/bookstore/web/controller/BookInfoController.java. The manipulation of the argument keywords leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Vendor

Donglight

Product

Bookstore

CWE

CWE-79

Yayın Tarihi

2025-01-09 00:15:25

Güncelleme

2025-08-22 21:40:12

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-79 Bookstore MEDIUM Donglight 2025

Referanslar

https://github.com/donglight/bookstore/issues/12 https://github.com/donglight/bookstore/issues/12#issue-2760934170 https://vuldb.com/?ctiid.290788 https://vuldb.com/?id.290788 https://vuldb.com/?submit.469771 https://github.com/donglight/bookstore/issues/12 https://github.com/donglight/bookstore/issues/12#issue-2760934170

Benzer Kayıtlar

Medium

CVE-2024-13210

A vulnerability was found in donglight bookstore电商书城系统说明 1.0. It has been declared as critical. Affected by this vulnera…

Medium

CVE-2024-13195

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as critical. This affects the fun…

Medium

CVE-2024-13197

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been rated as problematic. This issue affects the…