CVE-2024-29644

{"id": "CVE-2024-29644", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2024-03-26T12:15:50.353", "references": [{"url": "http://dcat-admin.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://github.com/jqhph/dcat-admin", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://www.yuque.com/yangtu-swjrh/oc6nqi/epcbz5y1grl4il1m", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "http://dcat-admin.com", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/jqhph/dcat-admin", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.yuque.com/yangtu-swjrh/oc6nqi/epcbz5y1grl4il1m", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box."}, {"lang": "es", "value": "Vulnerabilidad de cross-site scripting en dcat-admin v.2.1.3 y anteriores permite a un atacante remoto ejecutar c\u00f3digo arbitrario a trav\u00e9s de un script manipulado en el cuadro de inicio de sesi\u00f3n del usuario."}], "lastModified": "2025-04-30T16:48:15.930", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F4217AF-E0B6-4A5C-8BAF-F86C9B11F558", "versionEndIncluding": "1.7.9"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.0:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25F5B3A0-A4BC-4E5E-839D-8617411531E4"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "770BB49B-4092-4731-AA54-FBE69BD328CE"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C20ADEC-2D34-4504-A2A5-04291CF58FFC"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.3:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D1580C7-2CE9-4C50-887F-24B4F2E60DE9"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.4:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C85600D-5624-4E2C-B549-C54590F7602F"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.5:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "618420AD-26D9-4EFF-B1A0-908E34CF60C1"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.6:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D31F81F7-9712-4A85-A12A-98F545CDB3BF"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.7:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95C94A3D-EBFA-4B3C-ACCA-03E4FB13BC0D"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.8:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93467373-3E14-4D30-A672-2C51ABA91CDB"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.9:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7912F297-97FC-4897-B3BE-8B70C683A709"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.10:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52F2CD0C-2AFD-4611-A93B-C56D9805FE3D"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.11:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7197805-2B42-46DD-A123-6CEA6F34E4BD"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.12:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE87FED3-7A9C-404A-A80A-856BE66AF4AD"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.13:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAACBFB1-0647-489B-881E-521FD698D459"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.14:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D3AF413-853D-4EB4-BE5A-F9A2564FD98B"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.15:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F2DCA57-4823-4D4D-94C3-F90F377C32FB"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.16:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB04F8BA-9B0A-4254-9DA4-E005FE60DCF5"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.17:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEDC8077-A2F3-4818-BB63-0B5D147A6324"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.18:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C745F249-CABC-4305-A783-F24869016783"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.19:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0CD5762-DAB9-4105-A6C0-1A55047E62D8"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.20:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "397F7A7C-BA39-47D1-A119-F05E6A9749E0"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.21:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41A8D328-2107-4A62-9760-7CB2154460E3"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.22:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FC95D17-7ED8-4C96-8174-0C3FB8D262D3"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.23:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43317B4C-5D37-4137-8506-550C0E1EB9D3"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.0.24:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "232E98CA-CD74-4031-B9CC-BD0B6F3696FC"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.1.0:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21B35977-D1A2-486D-BE07-8D94D4BD8FCA"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.1.1:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2F183CA-2110-4263-A4E5-A8630B614B00"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.1.2:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "309A1CED-2697-42D4-AF85-999B90FDBFEC"}, {"criteria": "cpe:2.3:a:dcatadmin:dcat_admin:2.1.3:beta:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA07899B-5D17-4D06-8BFC-A8B19F70B994"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}