Auto-Update: 2024-07-07T23:55:54.901586+00:00

2025-07-11 16:13:34 +00:00 · 2024-07-07 23:58:48 +00:00 · 2024-07-07 23:58:48 +00:00 · c1440915d6
commit c1440915d6
parent 7869751891
3 changed files with 139 additions and 5 deletions
--- a/CVE-2024/CVE-2024-65xx/CVE-2024-6539.json
+++ b/CVE-2024/CVE-2024-65xx/CVE-2024-6539.json
@ -0,0 +1,133 @@
+{
+  "id": "CVE-2024-6539",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-07-07T23:15:10.003",
+  "lastModified": "2024-07-07T23:15:10.003",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28. Affected is an unknown function of the file /guestbook of the component Guestbook Handler. The manipulation of the argument Content leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-270450 is the identifier assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "NONE",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "NONE",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.0
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://gitee.com/heyewei/SpringBootCMS/issues/IA9D7F",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.270450",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.270450",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-07-07T20:00:24.258887+00:00
+2024-07-07T23:55:54.901586+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-07-07T18:15:09.827000+00:00
+2024-07-07T23:15:10.003000+00:00
 ```

 ### Last Data Feed Release
@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-255979
+255980
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `1`

- [CVE-2024-3651](CVE-2024/CVE-2024-36xx/CVE-2024-3651.json) (`2024-07-07T18:15:09.827`)
+- [CVE-2024-6539](CVE-2024/CVE-2024-65xx/CVE-2024-6539.json) (`2024-07-07T23:15:10.003`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -253082,7 +253082,7 @@ CVE-2024-36500,0,0,257fd399a14a7141c50c9e2046f94aaac781c0de172f7af5b46d8dab39ba2
 CVE-2024-36501,0,0,31cf8d7c71722235c9f044b51d6c28f28965439d43fd3f0fcf21214d656b125f,2024-06-17T12:42:04.623000
 CVE-2024-36502,0,0,af0ea55ba6dbd08cf23c5f8732d2aeb0cf79fdfab13bdf5e07cadc44342549d0,2024-06-17T12:42:04.623000
 CVE-2024-36503,0,0,3aef981902bcd0cfa43896ed1ada7c9ec64d59690838f1ba35c268bf26e5218a,2024-06-17T12:42:04.623000
-CVE-2024-3651,1,1,be30455c34a2654395eb4a44c80e2f772b86721c620f12a6b7595d8d6eb72c8b,2024-07-07T18:15:09.827000
+CVE-2024-3651,0,0,be30455c34a2654395eb4a44c80e2f772b86721c620f12a6b7595d8d6eb72c8b,2024-07-07T18:15:09.827000
 CVE-2024-3652,0,0,455dabb71414a7592172807b25da69c5818ecc78456d9f87c63904d4c0988a33,2024-05-01T17:15:37.793000
 CVE-2024-36523,0,0,779ff20f3e54c54b68fa38cf8a73a6874fca821f18024ef38fb974b398395dd0,2024-06-13T18:36:09.010000
 CVE-2024-36527,0,0,5a4da781a91464af6910d804126691f30125cf5f5ae9e52379cc70e43ae0f627,2024-07-03T02:03:14.827000
@ -255978,3 +255978,4 @@ CVE-2024-6523,0,0,8e944d33060f893d0f8a5de05c5d1f404dc8cc2a3646a4fb123baa591362f9
 CVE-2024-6524,0,0,b1cd113fe7421214b7ce9e86517f29da32cdcabbd73db24dd5b2998b8692a1c5,2024-07-05T12:55:51.367000
 CVE-2024-6525,0,0,922b367a62eb2afd73317643050f220b58a9c00fbadb87dd5d5b3387d891b6e8,2024-07-05T17:10:58.210000
 CVE-2024-6526,0,0,2b85d297bcc6f1e6404a772fb46286a7ad08c157624b810fd8629aa6ecff0f52,2024-07-05T17:10:58.210000
+CVE-2024-6539,1,1,a07c31d1044b80d70124f466f6a8a84ff7e79693e8866eb368f2a7f4d8611c7a,2024-07-07T23:15:10.003000