CVE-2024-33465

2024-04-3000:00:00

mitre

github.com

cross site scripting

majordomo

privilege escalation

thumb.php

AI Score

6.7

Confidence

High

SSVC

Exploitation

poc

Automatable

Technical Impact

partial

JSON

Cross Site Scripting vulnerability in MajorDoMo before v.0662e5e allows an attacker to escalate privileges via the the thumb/thumb.php component.

ADP Affected

[
  {
    "cpes": [
      "cpe:2.3:a:mjdm:majordomo:*:*:*:*:*:*:*:*"
    ],
    "vendor": "mjdm",
    "product": "majordomo",
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "0662e5e",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unknown"
  }
]

References

hbzms.github.io/