CVE-2024-33371

2024-04-3020:15:08

[email protected]

web.nvd.nist.gov

cve-2024-33371

remote attacker

arbitrary code

makehtml_list_action.php

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote attacker to execute arbitrary code via the typeid parameter in the makehtml_list_action.php component.

References

gitee.com/zchuanwen/cve/issues/I9HQRY