3 matches found
CVE-2024-41351
bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting XSS via Public/statics/umeditor123/php/getContent.php...
CVE-2024-41351
bjyadmin commit a560fd5 is vulnerable to Cross Site Scripting XSS via Public/statics/umeditor123/php/getContent.php...
CVE-2024-41351
CVE-2024-41351 affects bjyadmin (ThinkPHP-based) via Cross-Site Scripting in Public/statics/umeditor1_2_3/php/getContent.php. Root cause is an XSS vulnerability in that endpoint. CVSS: Network attack vector, Low confidentiality/integrity impact, high user interaction required, scope changed (per ...