Low severity3.5NVD Advisory· Published Jul 21, 2023· Updated Jun 17, 2026
CVE-2023-3815
CVE-2023-3815
Description
A vulnerability, which was classified as problematic, has been found in y_project RuoYi up to 4.7.7. Affected by this issue is the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross site scripting. The attack may be launched remotely. VDB-235118 is the identifier assigned to this vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.ruoyi:ruoyiMaven | <= 4.7.7 | — |
Affected products
2Patches
Vulnerability mechanics
References
5- gitee.com/y_project/RuoYi/issues/I7IL85nvdExploitIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-p4ww-j4pr-qw6qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-3815ghsaADVISORY
- vuldb.comnvdPermissions RequiredThird Party AdvisoryVDB EntryWEB
- vuldb.comnvdPermissions RequiredThird Party AdvisoryVDB EntryWEB
News mentions
0No linked articles in our index yet.