CVE-2023-2476 Dromara J2eeFAST Announcement cross site scripting

🗓️ 02 May 2023 13:31:03Reported by VulDBType

Vulnerability in Dromara J2eeFAST 2.6.0 Announcement Handle

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2023-2476	2 May 202318:30	–	circl
CNNVD	J2eeFAST 跨站脚本漏洞	2 May 202300:00	–	cnnvd
CVE	CVE-2023-2476	2 May 202313:31	–	cve
EUVD	EUVD-2023-33961	3 Oct 202520:07	–	euvd
NVD	CVE-2023-2476	2 May 202314:15	–	nvd
Prion	Cross site scripting	2 May 202314:15	–	prion
Positive Technologies	PT-2023-19767 · Dromara · Dromara J2Eefast	2 May 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-2476	23 May 202501:50	–	redhatcve

[
  {
    "vendor": "Dromara",
    "product": "J2eeFAST",
    "versions": [
      {
        "version": "2.0",
        "status": "affected"
      },
      {
        "version": "2.1",
        "status": "affected"
      },
      {
        "version": "2.2",
        "status": "affected"
      },
      {
        "version": "2.3",
        "status": "affected"
      },
      {
        "version": "2.4",
        "status": "affected"
      },
      {
        "version": "2.5",
        "status": "affected"
      },
      {
        "version": "2.6",
        "status": "affected"
      }
    ],
    "modules": [
      "Announcement Handler"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
gitee	www.gitee.com/dromara/J2EEFAST/issues/I6W380
gitee	www.gitee.com/dromara/J2EEFAST/commit/7a9e1a00e3329fdc0ae05f7a8257cce77037134d
vuldb	www.vuldb.com/

23 Oct 2023 05:17Current

5.5Medium risk

Vulners AI Score5.5

CVSS 3.13.5

CVSS 33.5

CVSS 24

EPSS0.00212

CWE-79