CVE-2024-29273

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-29273
There is Stored Cross-Site Scripting (XSS) in dzzoffice 2.02.1 SC UTF8 in uploadfile to index.php, with the XSS payload in an SVG document.
CVSS

No CVSS.

References
Link Resource
https://github.com/zyx0814/dzzoffice/issues/244 Exploit Issue Tracking Third Party Advisory
https://github.com/zyx0814/dzzoffice/issues/244 Exploit Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:dzzoffice:dzzoffice:2.02.1_sc_utf8:*:*:*:*:*:*:*
History

17 Jun 2025, 14:22

Type Values Removed Values Added
References () https://github.com/zyx0814/dzzoffice/issues/244 - () https://github.com/zyx0814/dzzoffice/issues/244 - Exploit, Issue Tracking, Third Party Advisory
First Time Dzzoffice dzzoffice
Dzzoffice
CPE cpe:2.3:a:dzzoffice:dzzoffice:2.02.1_sc_utf8:*:*:*:*:*:*:*

22 Mar 2024, 04:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-22 04:15

Updated : 2025-06-17 14:22

NVD link : CVE-2024-29273

Mitre link : CVE-2024-29273

JSON object : View

Products Affected

dzzoffice

  • dzzoffice
CWE

No CWE.