Description
A vulnerability, which was classified as problematic, was found in Dreamer CMS up to 3.5.0. Affected is an unknown function of the component File Upload Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-224634 is the identifier assigned to this vulnerability.
References
https://github.com/iteachyou-wjn/dreamer_cms/issues/11
ExploitThird Party Advisory
https://vuldb.com/?ctiid.224634
Permissions RequiredThird Party Advisory
Third Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2023-03-30T23:15:06.583
1 year agoLast modified
2024-05-17T02:18:24.840
2 months ago