Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2024-0776
Modified
More InfoOfficial Page
Source-cna@vuldb.com
View Known Exploited Vulnerability (KEV) details
Published At-22 Jan, 2024 | 01:15
Updated At-17 May, 2024 | 02:34

A vulnerability, which was classified as problematic, has been found in LinZhaoguan pb-cms 2.0. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation with the input <div onmouseenter="alert("xss)"> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-251678 is the identifier assigned to this vulnerability.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.4MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Secondary3.13.5LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Secondary2.04.0MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
CPE Matches
pb-cms_project
pb-cms_project
>>pb-cms>>2.0
cpe:2.3:a:pb-cms_project:pb-cms:2.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarycna@vuldb.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/sweatxi/BugHub/blob/main/Pbcms%20Background%20recovery%20store%20xss.pdfcna@vuldb.com
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.251678cna@vuldb.com
Permissions Required
Third Party Advisory
https://vuldb.com/?id.251678cna@vuldb.com
Third Party Advisory
Change History
0Changes found
Details not found