{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-7733","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-08-13T12:45:18.026Z","datePublished":"2024-08-13T18:00:11.066Z","dateUpdated":"2024-08-13T18:44:31.529Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-08-13T18:00:11.066Z"},"title":"FastCMS New Article Category Page cross site scripting","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-79","lang":"en","description":"CWE-79 Cross Site Scripting"}]}],"affected":[{"vendor":"n/a","product":"FastCMS","versions":[{"version":"0.1.0","status":"affected"},{"version":"0.1.1","status":"affected"},{"version":"0.1.2","status":"affected"},{"version":"0.1.3","status":"affected"},{"version":"0.1.4","status":"affected"},{"version":"0.1.5","status":"affected"}],"modules":["New Article Category Page"]}],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as problematic, was found in FastCMS up to 0.1.5. Affected is an unknown function of the component New Article Category Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."},{"lang":"de","value":"Es wurde eine Schwachstelle in FastCMS bis 0.1.5 gefunden. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Komponente New Article Category Page. Durch Beeinflussen mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":3.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.5,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":4,"vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N"}}],"timeline":[{"time":"2024-08-13T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-08-13T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-08-13T14:50:47.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"VulDB Gitee Analyzer","type":"tool"}],"references":[{"url":"https://vuldb.com/?id.274350","name":"VDB-274350 | FastCMS New Article Category Page cross site scripting","tags":["vdb-entry"]},{"url":"https://vuldb.com/?ctiid.274350","name":"VDB-274350 | CTI Indicators (IOB, IOC, TTP)","tags":["signature","permissions-required"]},{"url":"https://gitee.com/xjd2020/fastcms/issues/IAI8T6","tags":["exploit","issue-tracking"]}]},"adp":[{"affected":[{"vendor":"fastcms_project","product":"fastcms","cpes":["cpe:2.3:a:fastcms_project:fastcms:0.1.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0.1.0","status":"affected"}]},{"vendor":"fastcms_project","product":"fastcms","cpes":["cpe:2.3:a:fastcms_project:fastcms:0.1.1:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0.1.1","status":"affected"}]},{"vendor":"fastcms_project","product":"fastcms","cpes":["cpe:2.3:a:fastcms_project:fastcms:0.1.2:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0.1.2","status":"affected"}]},{"vendor":"fastcms_project","product":"fastcms","cpes":["cpe:2.3:a:fastcms_project:fastcms:0.1.3:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0.1.3","status":"affected"}]},{"vendor":"fastcms_project","product":"fastcms","cpes":["cpe:2.3:a:fastcms_project:fastcms:0.1.4:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0.1.4","status":"affected"}]},{"vendor":"fastcms_project","product":"fastcms","cpes":["cpe:2.3:a:fastcms_project:fastcms:0.1.5:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"0.1.5","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-08-13T18:41:14.891674Z","id":"CVE-2024-7733","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-08-13T18:44:31.529Z"}}]}}