CVE-2024-7163 | SeaCMS 12.9 index.php color/vid/url cross site scripting (Issue 28)

Posted by Angelo Barbosa | Jul 27, 2024 | CVE

A vulnerability, which was classified as problematic, was found in SeaCMS 12.9. This affects an unknown part of the file /js/player/dmplayer/player/index.php. The manipulation of the argument color/vid/url leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-7163. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-7163 | SeaCMS 12.9 index.php color/vid/url cross site scripting (Issue 28)

Related Posts

CVE-2024-21038 | Oracle Complex Maintenance, Repair, and Overhaul up to 12.2.13 LOV Remote Code Execution

CVE-2024-25962 | Dell InsightIQ 5.0.0 access control (dsa-2024-134)

CVE-2024-34806 | Creative Motion Clearfy Cache Plugin up to 2.2.1 on WordPress cross-site request forgery

CVE-2023-42943 | Apple macOS up to 13.x Location Data information disclosure