CVE-2024-39031
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-39031
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In Silverpeas Core <= 6.3.5, in Mes Agendas, a user can create new events and add them to their calendar. Additionally, users can invite others from the same domain, including administrators, to these events. A standard user can inject an XSS payload into the "Titre" and "Description" fields when creating an event and then add the administrator or any user to the event. When the invited user (victim) views their own profile, the payload will be executed on their side, even if they do not click on the event.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Silverpeas 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Silverpeas是一套开源的业务协作平台。该平台包括项目管理、博客、论坛和文档管理等应用程序。 Silverpeas 6.3.5及之前版本存在安全漏洞,该漏洞源于容易受到存储型跨站脚本攻击。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2024-39031
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Stored Cross-Side Scripting (XSS) leads to privilege escalation in SilverPeas social-networking portal | https://github.com/toneemarqus/CVE-2024-39031 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-39031
请登录查看更多情报信息。
Same Patch Batch · n/a · 2024-07-09 · 60 CVEs total
| CVE-2023-50806 | 8.4 HIGH | SAMSUNG Mobile Processor和Wearable Processor 安全漏洞 |
| CVE-2023-50805 | 8.1 HIGH | SAMSUNG Mobile Processor和Wearable Processor安全漏洞 |
| CVE-2023-50807 | 8.1 HIGH | SAMSUNG Wearable Processor 安全漏洞 |
| CVE-2024-29153 | 8.1 HIGH | SAMSUNG Mobile Processor、Wearable Processor和Modems 安全漏洞 |
| CVE-2024-27385 | 6.7 MEDIUM | SAMSUNG Mobile Processor 安全漏洞 |
| CVE-2024-27386 | 6.7 MEDIUM | SAMSUNG Mobile Processor 安全漏洞 |
| CVE-2024-31957 | 6.2 MEDIUM | SAMSUNG Mobile Processor 安全漏洞 |
| CVE-2024-27363 | 6.0 MEDIUM | SAMSUNG Mobile Processor 安全漏洞 |
| CVE-2024-27360 | 6.0 MEDIUM | SAMSUNG Mobile Processor 安全漏洞 |
| CVE-2024-39118 | 5.5 MEDIUM | Advanced Backups 安全漏洞 |
| CVE-2024-28068 | 5.3 MEDIUM | SAMSUNG Mobile Processor、Wearable Processor和Modems 安全漏洞 |
| CVE-2024-28067 | 5.3 MEDIUM | SAMSUNG Exynos Modem 5300 安全漏洞 |
| CVE-2024-27361 | 5.1 MEDIUM | SAMSUNG Mobile Processor 安全漏洞 |
| CVE-2024-27362 | 4.4 MEDIUM | SAMSUNG Mobile Processor 安全漏洞 |
| CVE-2024-40038 | idcCMS 安全漏洞 | |
| CVE-2024-40034 | idcCMS 安全漏洞 | |
| CVE-2024-40741 | NetBox 安全漏洞 | |
| CVE-2024-40735 | NetBox 安全漏洞 | |
| CVE-2024-40733 | NetBox 安全漏洞 | |
| CVE-2024-40742 | NetBox 安全漏洞 |
Showing top 20 of 60 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8731
Open5GS NRF client.c ogs_sbi_client_add denial of service - CVE-2026-8730
Open5GS NRF context.c ogs_sbi_nf_instance_set_id denial of s - CVE-2026-8729
Open5GS NRF message.c denial of service - CVE-2026-8728
Open5GS NRF conv.c ogs_sbi_discovery_option_parse_plmn_list - CVE-2026-8724
Dataease Data Dashboard SqlparserUtils.java SqlparserUtils.t
V. Comments for CVE-2024-39031
No comments yet