Browse all 5 CVE security advisories affecting 3uu. AI-powered Chinese analysis, POCs, and references for each vulnerability.
3uu is a software component primarily used for authentication and session management in web applications. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The component's security posture has been marked by inconsistent input validation and insufficient access controls. Five CVEs have been recorded, including critical RCE vulnerabilities that allow attackers to execute arbitrary code with system privileges. No major public security incidents have been documented, though the consistent pattern of vulnerabilities suggests a need for rigorous security testing and regular updates. Organizations using 3uu should implement compensating controls and monitor for emerging threats.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-4098 | Shariff Wrapper <= 4.6.13 - Unauthenticated Local File Inclusion — Shariff WrapperCWE-22 | 9.8 | Critical | 2024-06-20 |
| CVE-2024-2695 | Shariff Wrapper <= 4.6.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Shariff WrapperCWE-79 | 6.4 | Medium | 2024-06-15 |
| CVE-2023-6500 | Shariff Wrapper <= 4.6.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode — Shariff WrapperCWE-79 | 6.4 | Medium | 2024-03-12 |
| CVE-2024-0966 | Shariff Wrapper <= 4.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — Shariff WrapperCWE-79 | 6.4 | Medium | 2024-03-12 |
| CVE-2024-1450 | Shariff Wrapper <= 4.6.10 - Authenticated (Contributor+) Stored Cross-Site Scripting — Shariff WrapperCWE-79 | 6.4 | Medium | 2024-03-12 |
This page lists every published CVE security advisory associated with 3uu. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.