VYPR
Unrated severityNVD Advisory· Published Dec 4, 2024· Updated Dec 5, 2024

DedeCMS SWF File uploads_add.php cross site scripting

CVE-2024-12181

Description

A vulnerability classified as problematic was found in DedeCMS 5.7.116. Affected by this vulnerability is an unknown functionality of the file /member/uploads_add.php of the component SWF File Handler. The manipulation of the argument mediatype leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Dedecms/Dedecmscpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: =5.7.116

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.