2 matches found
CVE-2024-41350
CVE-2024-41350 affects the bjyadmin project (commit a560fd5). The vulnerability is a Cross-Site Scripting (XSS) flaw located in Public/statics/umeditor1_2_3/php/imageUp.php. Root cause involves the imageUp.php component used by bjyadmin, with the impact described as potential XSS (confidentiality...
CVE-2024-41351
CVE-2024-41351 affects bjyadmin (ThinkPHP-based) via Cross-Site Scripting in Public/statics/umeditor1_2_3/php/getContent.php. Root cause is an XSS vulnerability in that endpoint. CVSS: Network attack vector, Low confidentiality/integrity impact, high user interaction required, scope changed (per ...