Skip to main content

CVE-2024-28715

Description

Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary code via the markdown0 function in the /app/public/apidoc/oas3/wrap-components/markdown.jsx endpoint.

NVD
Severity: N/A
CVE ID: CVE-2024-28715
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.

Refrence: NVD MITRE

Proof Of Concept

Lq0ne

Refrence: GitHub

Description
Proof Of Concept