CVE-2024-28715
Description
Cross Site Scripting vulnerability in DOraCMS v.2.18 and before allows a remote attacker to execute arbitrary code via the markdown0 function in the /app/public/apidoc/oas3/wrap-components/markdown.jsx endpoint.
NVD
Severity: N/A
CVE ID: CVE-2024-28715
CVSS Score: N/A
CVSS Metrics: NVD assessment not yet provided.
Proof Of Concept
Lq0ne
Refrence: GitHub