Description

A vulnerability was found in y_project RuoYi-Cloud. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JSON Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-215108.

Remediation

References

https://gitee.com/y_project/RuoYi-Cloud/issues/I5IRC8

https://vuldb.com/?id.215108

Related Vulnerabilities

CVE-2020-12725 Vulnerability in npm package redash

CVE-2022-39353 Vulnerability in maven package org.webjars.npm:xmldom__xmldom

CVE-2022-36083 Vulnerability in npm package jose-node-cjs-runtime

CVE-2021-28168 Vulnerability in maven package org.glassfish.jersey.core:jersey-common

CVE-2020-8215 Vulnerability in maven package org.webjars.npm:canvas

Severity

High

Classification

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Exploit Issue Tracking Third Party Advisory NVD-CWE-noinfo