2 matches found
CVE-2023-40874
DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting XSS vulnerabilities at /dede/voteadd.php via the votename and voteitem1 parameters...
CVE-2023-40874
DedeCMS (versions up to 5.7.110) contains multiple cross-site scripting (XSS) vulnerabilities in /dede/vote_add.php, exploitable via the votename and voteitem1 parameters. Root cause: input handling in that endpoint allows injected scripts. Impact: standard XSS risk; exact exploitation details an...