CVE-2024-9279 | funnyzpc Mee-Admin up to 1.6 User Center /mee/index User Nickname cross site scripting

A vulnerability, which was classified as problematic, was found in funnyzpc Mee-Admin up to 1.6. This affects an unknown part of the file /mee/index of the component User Center. The manipulation of the argument User Nickname leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-9279. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-9279 | funnyzpc Mee-Admin up to 1.6 User Center /mee/index User Nickname cross site scripting

Related Posts

CVE-2023-32471 | Dell Edge Gateway 5200/Edge Gateway 3200 prior 1.05.10 BIOS out-of-bounds (dsa-2023-225)

CVE-2024-41997 | Warp Terminal prior 0.2024.07.16.08.02 Docker Integration open_subshell command injection

CVE-2024-29174 | Dell PowerProtect DD prior 7.7.5.30/7.10.1.20/7.13.0.0 sql injection (dsa-2024-219)

CVE-2024-26335 | swftools 0.9.2 swfc-history.c state_free memory corruption (Issue 222)