VYPR
Unrated severityNVD Advisory· Published Apr 14, 2023· Updated Aug 2, 2024

EyouCms HTTP POST Request cross site scripting

CVE-2023-2058

Description

A vulnerability was found in EyouCms up to 1.6.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /yxcms/index.php?r=admin/extendfield/mesedit&tabid=12&id=4 of the component HTTP POST Request Handler. The manipulation of the argument web_ico leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225943.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Eyoucms/Eyoucmscpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=1.6.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.