A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
References
| Link | Resource |
|---|---|
| https://github.com/wangl1989/mysiteforme/issues/54 | Exploit Issue Tracking |
| https://github.com/wangl1989/mysiteforme/issues/54#issue-2757765372 | Exploit Issue Tracking |
| https://vuldb.com/?ctiid.290211 | Permissions Required VDB Entry |
| https://vuldb.com/?id.290211 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.468473 | Third Party Advisory VDB Entry |
Configurations
History
10 Jan 2025, 21:01
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
| First Time |
Wangl1989
Wangl1989 mysiteforme |
|
| References | () https://vuldb.com/?id.290211 - Third Party Advisory, VDB Entry | |
| References | () https://github.com/wangl1989/mysiteforme/issues/54#issue-2757765372 - Exploit, Issue Tracking | |
| References | () https://github.com/wangl1989/mysiteforme/issues/54 - Exploit, Issue Tracking | |
| References | () https://vuldb.com/?submit.468473 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?ctiid.290211 - Permissions Required, VDB Entry | |
| CWE | ||
| CPE | cpe:2.3:a:wangl1989:mysiteforme:1.0:*:*:*:*:*:*:* |
05 Jan 2025, 10:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-01-05 10:15
Updated : 2025-01-10 21:01
NVD link : CVE-2024-13137
Mitre link : CVE-2024-13137
JSON object : View
Products Affected
wangl1989
- mysiteforme
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')