CVE-2024-22548: FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section.
5.4
CVSS
Description
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section.
Classification
CVE ID: CVE-2024-22548
CVSS Base Severity: MEDIUM
CVSS Base Score: 5.4
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected Products
Vendor: n/a
Product: n/a
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 16.38% (scored less or equal to compared to others)
EPSS Date: 2025-06-07 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: partial
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2024-22548https://github.com/5List/cms/blob/main/1.md