CVE-2024-33401

MEDIUM

Dedecms - XSS

Title source: rule

Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote attacker to run arbitrary code via the mnum parameter.

gitee

by zchuanwen · writeup

CVSS v3 4.4

EPSS 0.0010

EPSS Percentile 26.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CWE

CWE-79

Status published

Products (1)

dedecms/dedecms 5.7.113

Published Apr 29, 2024

Tracked Since Feb 18, 2026