CVE-2024-12182

Name of the Vulnerable Software and Affected Versions DedeCMS version 5.7.116

Description A problematic issue has been found in DedeCMS, affecting some unknown functionality of the file /member/soft add.php. The manipulation of the argument body leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For DedeCMS version 5.7.116, as a temporary workaround, consider disabling access to the /member/soft add.php file until a patch is available. Restrict the manipulation of the argument body to minimize the risk of cross site scripting attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.