admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/8xxx/CVE-2024-8572.json
CVE Team f6ce26b6e3
"-Synchronized-Data."
2024-09-08 08:00:35 +00:00

125 lines
4.9 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-8572",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in Gouniverse GoLang CMS 1.4.0. It has been declared as problematic. This vulnerability affects the function PageRenderHtmlByAlias of the file FrontendHandler.go. The manipulation of the argument alias leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.4.1 is able to address this issue. The patch is identified as 3e661cdfb4beeb9fe2ad507cdb8104c0b17d072c. It is recommended to upgrade the affected component."
},
{
"lang": "deu",
"value": "In Gouniverse GoLang CMS 1.4.0 wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Betroffen ist die Funktion PageRenderHtmlByAlias der Datei FrontendHandler.go. Durch das Beeinflussen des Arguments alias mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Ein Aktualisieren auf die Version 1.4.1 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 3e661cdfb4beeb9fe2ad507cdb8104c0b17d072c bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Gouniverse",
"product": {
"product_data": [
{
"product_name": "GoLang CMS",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.4.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.276802",
"refsource": "MISC",
"name": "https://vuldb.com/?id.276802"
},
{
"url": "https://vuldb.com/?ctiid.276802",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.276802"
},
{
"url": "https://vuldb.com/?submit.401896",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.401896"
},
{
"url": "https://github.com/gouniverse/cms/issues/5",
"refsource": "MISC",
"name": "https://github.com/gouniverse/cms/issues/5"
},
{
"url": "https://github.com/gouniverse/cms/issues/5#issuecomment-2330848731",
"refsource": "MISC",
"name": "https://github.com/gouniverse/cms/issues/5#issuecomment-2330848731"
},
{
"url": "https://github.com/gouniverse/cms/commit/3e661cdfb4beeb9fe2ad507cdb8104c0b17d072c",
"refsource": "MISC",
"name": "https://github.com/gouniverse/cms/commit/3e661cdfb4beeb9fe2ad507cdb8104c0b17d072c"
},
{
"url": "https://github.com/gouniverse/cms/releases/tag/v1.4.1",
"refsource": "MISC",
"name": "https://github.com/gouniverse/cms/releases/tag/v1.4.1"
}
]
},
"credits": [
{
"lang": "en",
"value": "zihe (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink