Cross Site Scripting Vulnerability in DedeCMS by DedeCMS Team
CVE-2024-33371

Currently unrated

Key Information:

Vendor: DedeCMS Team
Status: DedeCMS
Vendor: CVE Published:; 30 April 2024

🔔 Create DedeCMS Team Vulnerability Alert

What is CVE-2024-33371?

The DedeCMS v.5.7.113 is susceptible to a Cross Site Scripting vulnerability that enables an attacker to execute arbitrary code. This exploitation occurs through manipulation of the 'typeid' parameter in the makehtml_list_action.php component, potentially allowing attackers to insert malicious scripts into web pages viewed by other users, compromising the security and integrity of the web application.

References

https://gitee.com/zchuanwen/cve/issues/I9HQRY

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2024