CVE-2024-6539

Name of the Vulnerable Software and Affected Versions heyewei SpringBootCMS up to 2024-05-28

Description A vulnerability has been found in the Guestbook Handler component of heyewei SpringBootCMS, affecting an unknown function of the file /guestbook. The manipulation of the Content argument leads to cross-site scripting. This issue can be exploited remotely.

Recommendations For heyewei SpringBootCMS up to 2024-05-28, as a temporary workaround, consider restricting access to the /guestbook file until a patch is available. Avoid using the Content argument in the affected Guestbook Handler component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.