CVE-2024-30884

{"id": "CVE-2024-30884", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.8}]}, "published": "2024-04-11T05:15:47.683", "references": [{"url": "https://github.com/Hebing123/cve/issues/28", "tags": ["Exploit", "Issue Tracking"], "source": "[email protected]"}, {"url": "https://github.com/Hebing123/cve/issues/28", "tags": ["Exploit", "Issue Tracking"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Reflected Cross-Site Scripting (XSS) vulnerability in Discuz! version X3.4 20220811, allows remote attackers to execute arbitrary code and obtain sensitive information via crafted payload to the primarybegin parameter in the misc.php component."}, {"lang": "es", "value": "Vulnerabilidad de Cross-Site Scripting (XSS) reflejado en Discuz! versi\u00f3n X3.4 20220811, que permite a atacantes remotos ejecutar c\u00f3digo arbitrario y obtener informaci\u00f3n confidencial a trav\u00e9s de un payload manipulado para el par\u00e1metro mainbegin en el componente misc.php."}], "lastModified": "2025-06-17T20:54:31.537", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:discuz:discuzx:3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB10C69D-DF3E-4281-8CFC-74A4B0618CD6"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}