CVE-2023-31862
CVSS V2 None
CVSS V3 None
Description
jizhicms v2.4.6 is vulnerable to Cross Site Scripting (XSS). The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the request package.
Overview
- CVE ID
- CVE-2023-31862
- Assigner
- cve@mitre.org
- Vulnerability Status
- Received
- Published Version
- 2023-05-19T13:15:08
- Last Modified Date
- 2023-05-19T13:15:08
References
| Reference URL | Reference Tags |
|---|---|
| https://github.com/Cherry-toto/jizhicms/issues/86 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-31862 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31862 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2023-05-19 14:00:52 | Added to TrackCVE |