CVE-2024-23031: Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL.

Description

Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL.

Vendor: n/a

Product: n/a

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 12.45% (scored less or equal to compared to others)

EPSS Date: 2025-06-06 (when was this score calculated)

SSVC Exploitation: none

SSVC Technical Impact: partial

SSVC Automatable: false

2025-06-04 16:40:17 UTC
CVE

Cross Site Scripting (XSS) vulnerability in is_water parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL.