CVE-2023-2476

🗓️ 02 May 2023 13:31:03Reported by VulDBType

A vulnerability in Dromara J2eeFAST up to 2.6.0 allows for remote cross site scripting

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2023-2476	2 May 202318:30	–	circl
CNNVD	J2eeFAST 跨站脚本漏洞	2 May 202300:00	–	cnnvd
Cvelist	CVE-2023-2476 Dromara J2eeFAST Announcement cross site scripting	2 May 202313:31	–	cvelist
EUVD	EUVD-2023-33961	3 Oct 202520:07	–	euvd
NVD	CVE-2023-2476	2 May 202314:15	–	nvd
Prion	Cross site scripting	2 May 202314:15	–	prion
Positive Technologies	PT-2023-19767 · Dromara · Dromara J2Eefast	2 May 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-2476	23 May 202501:50	–	redhatcve

NVD

Vulners

Node

j2eefast j2eefastRange≤2.6.0

[
  {
    "vendor": "Dromara",
    "product": "J2eeFAST",
    "versions": [
      {
        "version": "2.0",
        "status": "affected"
      },
      {
        "version": "2.1",
        "status": "affected"
      },
      {
        "version": "2.2",
        "status": "affected"
      },
      {
        "version": "2.3",
        "status": "affected"
      },
      {
        "version": "2.4",
        "status": "affected"
      },
      {
        "version": "2.5",
        "status": "affected"
      },
      {
        "version": "2.6",
        "status": "affected"
      }
    ],
    "modules": [
      "Announcement Handler"
    ]
  }
]

Source	Link
gitee	www.gitee.com/dromara/J2EEFAST/issues/I6W380
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
gitee	www.gitee.com/dromara/J2EEFAST/commit/7a9e1a00e3329fdc0ae05f7a8257cce77037134d

21 Nov 2024 07:58Current

4.4Medium risk

Vulners AI Score4.4

CVSS 3.13.5 - 5.4

CVSS 24

CVSS 33.5

EPSS0.00212

CWE-79