CVE-2024-37680

June 24, 2024, 7:26 p.m.

Tags

cve@mitre.org
2024-06-24
CVE-2024-37680

Product(s) Impacted

FineSoft

  • <=8.0

Description

Hangzhou Meisoft Information Technology Co., Ltd. FineSoft <=8.0 is affected by Cross Site Scripting (XSS) which allows remote attackers to execute arbitrary code. Enter any account and password, click Login, the page will report an error, and a controllable parameter will appear at the URL:weburl.

Weaknesses

Date

Published: June 24, 2024, 7:15 p.m.

Last Modified: June 24, 2024, 7:26 p.m.

Status : Awaiting Analysis

CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.

More info

Source

cve@mitre.org

References

https://github.com/dabaizhizhu/123/issues/5
cve@mitre.org