Medium severity4.3NVD Advisory· Published Dec 28, 2023· Updated Jun 17, 2026
CVE-2023-7133
CVE-2023-7133
Description
A vulnerability was found in y_project RuoYi 4.7.8. It has been declared as problematic. This vulnerability affects unknown code of the file /login of the component HTTP POST Request Handler. The manipulation of the argument rememberMe with the input falsen3f0mp86o0 leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249136.
Affected products
2Patches
Vulnerability mechanics
References
3- 1drv.ms/w/s!AgMfVZkPO1NWgSPnwk90DMQIUN_DnvdExploitThird Party Advisory
- vuldb.comnvdThird Party AdvisoryVDB Entry
- vuldb.comnvdPermissions RequiredVDB Entry
News mentions
0No linked articles in our index yet.