CVE-2024-33338

2024-04-2900:00:00

mitre

www.cve.org

cross site scripting

jizhicms

sensitive information

article publication

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.7%

JSON

Cross Site Scripting vulnerability in jizhicms v.2.5.4 allows a remote attacker to obtain sensitive information via a crafted article publication request.

References

github.com/7akahash1/POC/blob/main/1.md

github.com/Cherry-toto/jizhicms/issues/86

nvd.nist.gov/vuln/detail/CVE-2023-31862