The vulnerability of the installModule component in the Wonder CMS content management system allows attackers to perform cross-site scripting attacks.

🗓️ 13 Nov 2023 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

Wonder content management InstallModule flaw enables remote cross-site scripting due to missing structure protections.

Reporter	Title	Published	Views	Family All 25
GithubExploit	Exploit for Cross-site Scripting in Wondercms	30 Nov 202418:34	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Wondercms	24 Nov 202417:39	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Wondercms	11 Aug 202416:43	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Wondercms	1 Jul 202516:28	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Wondercms	5 Nov 202315:06	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Wondercms	22 Dec 202411:53	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Wondercms	3 Sep 202409:59	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Wondercms	2 Oct 202414:05	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Wondercms	27 Aug 202416:10	–	githubexploit
GithubExploit	Exploit for Cross-site Scripting in Wondercms	30 Oct 202415:38	–	githubexploit

Source	Link
github	www.github.com/prodigiousMind/CVE-2023-41425
sploitus	www.sploitus.com/exploit
web	www.web.nvd.nist.gov/view/vuln/detail

13 Nov 2023 00:00Current

6.1Medium risk

Vulners AI Score6.1

CVSS 38.8

CVSS 210

EPSS0.54305

Wonder content management InstallModule Cross site scripting Remote attacker Structure protections