
CicadasCMS EUVD-2026-33473

CVE-2026-10153 · LOW
Cross-site Scripting (XSS) (CWE-79)
2026-05-30 · VulDB · GHSA-rmw9-rp4m-38c7
CVSS 4.0 base score 2.1 (NVD)

Severity by source

NVD (primary): 2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: P (Passive)
Scope: X (Not Defined)

Lifecycle Timeline

Severity Changed (May 30, 2026, 22:22, NVD): MEDIUM → LOW
CVSS changed (May 30, 2026, 22:22, NVD): 4.3 (MEDIUM) → 2.1 (LOW)
Analysis Generated (May 30, 2026, 21:50, vuln.today)

Description (CVE.org)

A flaw has been found in westboy CicadasCMS up to 2431154dac8d0735e04f1fd2a3c3556668fc8dab. Impacted is the function Search of the file org/springframework/cache/support/AbstractCacheManager.java. This manipulation of the argument s causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been published and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The project was informed of the problem early through an issue report but has not responded yet.

Analysis (AI-generated)

Reflected cross-site scripting in westboy CicadasCMS allows remote unauthenticated attackers to inject arbitrary JavaScript into a victim's browser via the unvalidated 's' search parameter in the Search function. All code up to and including commit 2431154dac8d0735e04f1fd2a3c3556668fc8dab is affected, with no patch released at the time of analysis; the vendor has not responded to the responsible disclosure. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata

Access: Craft search URL with XSS payload in 's' parameter
Delivery: Deliver malicious link to victim via phishing or social engineering
Exploit: Victim clicks link triggering vulnerable Search function
Execution: Injected script executes in victim's browser under application origin
Impact: Attacker exfiltrates session tokens or performs unauthorized page manipulation

Vulnerability Assessment (AI-generated)

Exploitation: Exploitation requires no authentication (PR:N) and no special server-side configuration; the vulnerable Search function is exposed in default deployments of CicadasCMS. …
Risk Assessment: The CVSS 3.1 base score of 4.3 (Medium) reflects a network-reachable, low-complexity, unauthenticated attack that nonetheless requires user interaction (UI:R) and produces only low integrity impact, with no confidentiality or availability consequence (C:N/I:L/A:N/S:U). …
Exploit Scenario: An attacker crafts a URL targeting the CicadasCMS search endpoint with a malicious JavaScript payload embedded in the 's' query parameter, then distributes the link via phishing email or a compromised web page. When a victim, authenticated or not, clicks the link and the search result page loads, the injected script executes in their browser session under the application's origin, potentially allowing session cookie theft, credential harvesting via fake login overlays, or defacement of the rendered page. …
Remediation: No vendor-released patch has been identified at the time of analysis; the vendor has not responded to the disclosure reported via https://gitee.com/westboy/CicadasCMS/issues/IJKWOH. …
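As an added, defender-side example that is not part of the vuln.today record or of the CicadasCMS code base: the script below triages web-server access logs for requests that place markup in the 's' search parameter described above, and shows the HTML-encoded rendering that keeps a reflected search term from being parsed as markup. The /search path, the Common Log Format lines and every sample entry are constructed assumptions, not values taken from the advisory.

```python
import html
import re
from typing import List, Optional
from urllib.parse import urlsplit, parse_qs

# Fragments that should be rare in a genuine search term and that must never
# reach an HTML response unencoded.
_MARKUP = re.compile(r'[<>"]|javascript:', re.IGNORECASE)
_REQ = re.compile(r'"(?:GET|POST) (\S+) HTTP/')

# Constructed sample access-log lines (Common Log Format); /search is assumed
# to be the CMS search endpoint that reflects the 's' parameter.
SAMPLE_LOG = """\
203.0.113.5 - - [30/May/2026:21:40:01 +0000] "GET /search?s=spring+cache HTTP/1.1" 200 5120
203.0.113.7 - - [30/May/2026:21:41:13 +0000] "GET /search?s=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5210
198.51.100.9 - - [30/May/2026:21:42:30 +0000] "GET /index.html HTTP/1.1" 200 1024
203.0.113.8 - - [30/May/2026:21:43:02 +0000] "GET /search?s=%22%3E%3Cb%3Ebold%3C%2Fb%3E HTTP/1.1" 200 5230
"""

def search_term(log_line: str) -> Optional[str]:
    """Return the URL-decoded 's' parameter of a /search request, else None."""
    m = _REQ.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if url.path != "/search":
        return None
    values = parse_qs(url.query).get("s")
    return values[0] if values else None

def is_suspicious(term: str) -> bool:
    """True when the decoded term carries markup a search query should not."""
    return bool(_MARKUP.search(term))

def flag_requests(log_text: str) -> List[str]:
    """Return every decoded search term in the log that looks like markup."""
    return [t for t in map(search_term, log_text.splitlines())
            if t is not None and is_suspicious(t)]

def safe_reflect(term: str) -> str:
    """Render the term the way the results page should: HTML-encoded, so a
    reflected value is displayed as text rather than parsed as markup."""
    return f'<p>Results for "{html.escape(term, quote=True)}"</p>'

if __name__ == "__main__":
    for t in flag_requests(SAMPLE_LOG):
        print("suspicious search term:", repr(t))
        print("encoded rendering:    ", safe_reflect(t))
```

Decoding before matching matters: the probes in the sample log are percent-encoded on the wire, so a filter that inspects the raw request line would miss them.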


EUVD-2026-33473 vulnerability details – vuln.today
