CVE Details
Basic Information
| Title | jsnjfz WebStack-Guns File Upload UserMgrController.java cross site scripting |
|---|---|
| Type | cve |
| Published | 2025-06-09T17:00:10.531Z |
| Last Seen |
Product Information
| Vendor | jsnjfz |
|---|---|
| Product | WebStack-Guns |
| Version | 1.0 |
CVSS Information
| Base Score | 5.1 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A cross-site scripting vulnerability in WebStack-Guns 1.0 allows remote attackers to execute scripts via the File Upload component. The vendor has not responded to disclosure attempts, leaving the issue unpatched. |
|---|---|
| AI Severity | Medium |
| Vendor | jsnjfz |
| Product | WebStack-Guns |
| Affected Version | 1.0 |
Affected Products
- jsnjfz WebStack-Guns 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-79, CWE-94 |
| Bulletin Family |
References
Description
A vulnerability was found in jsnjfz WebStack-Guns 1.0. It has been classified as problematic. Affected is an unknown function of the file UserMgrController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.