Lucene search
China National Vulnerability DatabaseCNVD-2023-98191HistoryDec 05, 2023 - 12:00 a.m.
IceCMS Cross-Site Scripting Vulnerability (CNVD-2023-9819192)
2023-12-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
3
icecms
cross-site scripting
vulnerability
spring boot
vue
filtering
escaping
exploitation
payload
cnvd-2023-9819192
IceCMS is a content management system based on Spring Boot + Vue front-end and back-end separation . A cross-site scripting vulnerability exists in IceCMS version 2.0.1. The vulnerability stems from the application’s lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary web script or HTML by injecting a carefully crafted payload.
| CPE | Name | Operator | Version |
|---|---|---|---|
| icecms icecms | eq | 2.0.1 |
Related
nvd
nvd
CVE-2023-6466
2023-12-02 14:15:07
prion
prion
Cross site scripting
2023-12-02 14:15:00
cve
cve
CVE-2023-6466
2023-12-02 14:15:07
cvelist
cvelist
CVE-2023-6466 Thecosy IceCMS User Comment planet cross site scripting
2023-12-02 13:31:04