CVE-2024-7162 | SeaCMS 12.9/13.0 post.php yzm cross site scripting (Issue 29)

Posted by Angelo Barbosa | Jul 27, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in SeaCMS 12.9/13.0. Affected by this issue is some unknown functionality of the file js/player/dmplayer/admin/post.php?act=setting. The manipulation of the argument yzm leads to cross site scripting.

This vulnerability is handled as CVE-2024-7162. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-7162 | SeaCMS 12.9/13.0 post.php yzm cross site scripting (Issue 29)

Related Posts

CVE-2024-7643 | SourceCodester Leads Manager Tool 1.0 Delete Leads delete-leads.php leads sql injection

CVE-2024-24097 | code-projects Scholars Tracking System 1.0 News Feed cross site scripting

CVE-2024-27447 | pretix prior 2024.1.1 File Validation Privilege Escalation

CVE-2024-28919 | Microsoft unknown vulnerability