CVE-2024-23033

Name of the Vulnerable Software and Affected Versions eyoucms version 1.6.5

Description The issue allows a remote attacker to run arbitrary code via a crafted URL, exploiting a Cross Site Scripting vulnerability in the path parameter.

Recommendations For eyoucms version 1.6.5, consider restricting access to the path parameter to minimize the risk of exploitation until a patch is available. Avoid using crafted URLs that could trigger the vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.