mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
125 lines
4.8 KiB
JSON
125 lines
4.8 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-1099",
|
|
"ASSIGNER": "cna@vuldb.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability was found in Rebuild up to 3.5.5. It has been classified as problematic. Affected is the function getFileOfData of the file /filex/read-raw. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252456."
|
|
},
|
|
{
|
|
"lang": "deu",
|
|
"value": "Es wurde eine problematische Schwachstelle in Rebuild bis 3.5.5 ausgemacht. Hiervon betroffen ist die Funktion getFileOfData der Datei /filex/read-raw. Mittels Manipulieren des Arguments url mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-79 Cross Site Scripting",
|
|
"cweId": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "n/a",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Rebuild",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "3.5.0"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "3.5.1"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "3.5.2"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "3.5.3"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "3.5.4"
|
|
},
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "3.5.5"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://vuldb.com/?id.252456",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?id.252456"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.252456",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?ctiid.252456"
|
|
},
|
|
{
|
|
"url": "https://www.yuque.com/mailemonyeyongjuan/tha8tr/dcilugg0htp973nx",
|
|
"refsource": "MISC",
|
|
"name": "https://www.yuque.com/mailemonyeyongjuan/tha8tr/dcilugg0htp973nx"
|
|
}
|
|
]
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "lemono (VulDB User)"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"baseScore": 3.5,
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
|
|
"baseSeverity": "LOW"
|
|
},
|
|
{
|
|
"version": "3.0",
|
|
"baseScore": 3.5,
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
|
|
"baseSeverity": "LOW"
|
|
},
|
|
{
|
|
"version": "2.0",
|
|
"baseScore": 4,
|
|
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
|
|
}
|
|
]
|
|
}
|
|
} |