CVE-2024-7162

CVSS 2.0 Score 4.0 of 10 (medium)

Details

Published Jul 28, 2024
Updated: Jul 29, 2024
CWE ID 79

Summary

CVE-2024-7162 is a recently disclosed vulnerability affecting SeaCMS versions 12.9 and 13.0. This issue lies within the unknown functionality of the file js/player/dmplayer/admin/post.php?act=setting. An attacker can exploit this vulnerability by manipulating the argument yzm, leading to cross-site scripting (XSS). The attack can be launched remotely, making it a significant threat. The exploit for this vulnerability has been made public, increasing the risk of its use in cyberattacks. The identifier for this vulnerability is VDB-272576.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share