CVE-2024-27752

2024-04-1916:15:09

[email protected]

web.nvd.nist.gov

cross site scripting

remote attacker

arbitrary code execution

default keyword

security vulnerability

csz cms v1.3.0

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Cross Site Scripting vulnerability in CSZ CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the Default Keyword field in the settings function.

References

github.com/flyhha/cms/blob/main/1.md