CVE-2023-1111— FastCMS New Article Tab cross site scripting

CVSS 2.4 · Low EPSS 0.09% · P25 Updated Jan 25, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-1111

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

FastCMS New Article Tab cross site scripting

Source: NVD (National Vulnerability Database)

Vulnerability Description

A vulnerability was found in FastCMS up to 0.1.5 and classified as problematic. Affected by this issue is some unknown functionality of the component New Article Tab. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-266126 is the identifier assigned to this vulnerability.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Source: NVD (National Vulnerability Database)

Vulnerability Title

编号已被CVE保留

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

暂无详细信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	FastCMS	0.1.0	-

II. Public POCs for CVE-2023-1111

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-1111

Please Login to view more intelligence information

https://gitee.com/dianbuapp_admin/fastcms/issues/I8ERNVexploitissue-tracking
https://vuldb.com/?ctiid.266126signaturepermissions-required
https://vuldb.com/?id.266126vdb-entrytechnical-description
https://nvd.nist.gov/vuln/detail/CVE-2023-1111

Same Patch Batch · n/a · 2024-05-24 · 25 CVEs total

CVE-2024-5310	2.4 LOW	JFinalCMS content cross site scripting
CVE-2024-36079		Vaultize 安全漏洞
CVE-2024-36361		Tmont Pug 安全漏洞
CVE-2024-35374		Mocodo 安全漏洞
CVE-2024-35373		Mocodo 安全漏洞
CVE-2024-33471		AVTECH Software Room Alert 4E 安全漏洞
CVE-2024-35388		TOTOLINK NR1800X 安全漏洞
CVE-2024-35387		TOTOLINK LR350 安全漏洞
CVE-2024-36049		Aptos Wisal payroll 安全漏洞
CVE-2023-46442		Soot 安全漏洞
CVE-2024-34995		svnWebUI 安全漏洞
CVE-2024-35395		TOTOLINK CP900L 安全漏洞
CVE-2024-35396		TOTOLINK CP900L 安全漏洞
CVE-2024-33470		AVTECH Software Room Alert 4E 安全漏洞
CVE-2024-22588		Kwik 安全漏洞
CVE-2024-33809		PingCAP TiDB 安全漏洞
CVE-2024-35340		Tenda FH1206 安全漏洞
CVE-2024-35618		PingCAP TiDB 安全漏洞
CVE-2024-35339		Tenda FH1206 安全漏洞
CVE-2024-31510		liboqs 安全漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: FastCMS

Same vendor: n/a

Same weakness: CWE-79

V. Comments for CVE-2023-1111

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-1111— FastCMS New Article Tab cross site scripting

I. Basic Information for CVE-2023-1111

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2023-1111

III. Intelligence Information for CVE-2023-1111

Same Patch Batch · n/a · 2024-05-24 · 25 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-1111

Leave a comment