Lucene search
China National Vulnerability DatabaseCNVD-2023-43864HistoryMay 29, 2023 - 12:00 a.m.
IceCMS Cross-Site Scripting Vulnerability
2023-05-2900:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
icecms
cross-site scripting
spring boot
vue
filtering
escaping
injection
web script
html
vulnerability
EPSS
0.001
Percentile
23.5%
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . IceCMS v1.0.0 version exists cross-site scripting vulnerability, the vulnerability stems from the application of the user-supplied data lack of effective filtering and escaping, an attacker can exploit the vulnerability by injecting a well-designed payload to execute arbitrary Web script or HTML.
Related
nvd
nvd
CVE-2023-33356
2023-05-25 14:15:11
cve
cve
CVE-2023-33356
2023-05-25 14:15:11
cvelist
cvelist
CVE-2023-33356
2023-05-25 00:00:00
prion
prion
Cross site scripting
2023-05-25 14:15:00