CVE-2024-10477 | LinZhaoguan pb-cms up to 2.0.1 Permission Management Page /admin#permissions cross site scripting (IAYIB9)

Posted by Angelo Barbosa | Oct 28, 2024 | CVE

A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /admin#permissions of the component Permission Management Page. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-10477. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-10477 | LinZhaoguan pb-cms up to 2.0.1 Permission Management Page /admin#permissions cross site scripting (IAYIB9)

Related Posts

CVE-2024-2814 | Tenda AC15 15.03.20_multi /goform/DhcpListClient fromDhcpListClient page stack-based overflow

VDB-259600 | SourceCodester Online Courseware 1.0 edit.php id cross site scripting

CVE-2024-0864 | Leo Khoa Laragon file_upload.php input validation

CVE-2024-5764 | Sonatype Nexus Repository up to 3.72.0 hard-coded credentials