CVE-2024-1257: Jspxcms find_text.do cross site scripting
First published: Tue Feb 06 2024(Updated: )
A vulnerability was found in Jspxcms 10.2.0. It has been classified as problematic. Affected is an unknown function of the file /ext/collect/find_text.do. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252996.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ujcms | =10.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-1257?
CVE-2024-1257 has been classified as problematic due to the potential for cross site scripting attacks.
How do I fix CVE-2024-1257?
To fix CVE-2024-1257, it is advised to update Jspxcms to a patched version that addresses this vulnerability.
What software is affected by CVE-2024-1257?
CVE-2024-1257 affects Jspxcms version 10.2.0.
What type of vulnerability is CVE-2024-1257?
CVE-2024-1257 is a cross site scripting (XSS) vulnerability.
Can CVE-2024-1257 be exploited remotely?
Yes, CVE-2024-1257 can be exploited remotely.
- agent/weakness
- agent/references
- agent/title
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/ujcms
- canonical/ujcms
- version/ujcms/10.2.0