{"id":"CVE-2024-7453","details":"A vulnerability was found in FastAdmin 1.5.0.20240328. It has been declared as problematic. This vulnerability affects unknown code of the file /[admins_url].php/general/attachment/edit/ids/4?dialog=1 of the component Attachment Management Section. The manipulation of the argument row[url]/row[imagewidth]/row[imageheight] leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273544.","modified":"2026-04-09T10:31:01.134447Z","published":"2024-08-04T05:16:09.523Z","references":[{"type":"ADVISORY","url":"https://vuldb.com/?submit.384320"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.273544"},{"type":"REPORT","url":"https://vuldb.com/?id.273544"},{"type":"EVIDENCE","url":"https://github.com/Hebing123/cve/issues/66"},{"type":"EVIDENCE","url":"https://github.com/Hebing123/cve/issues/65"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/karsonzhang/fastadmin","events":[{"introduced":"0"},{"last_affected":"26a5ca4a2cff596b96a8de859820c83b3e725464"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.5.0.20240328"}]}}],"versions":["v0.1.0.20170721_beta","v1.0.0.20170808_beta","v1.0.0.20170816_beta","v1.0.0.20170915_beta","v1.0.0.20171026_beta","v1.0.0.20171206_beta","v1.0.0.20180117_beta","v1.0.0.20180119_beta","v1.0.0.20180204_beta","v1.0.0.20180222_beta","v1.0.0.20180308_beta","v1.0.0.20180310_beta","v1.0.0.20180314_beta","v1.0.0.20180327_beta","v1.0.0.20180401_beta","v1.0.0.20180406_beta","v1.0.0.20180417_beta","v1.0.0.20180506_beta","v1.0.0.20180513_beta","v1.0.0.20180618_beta","v1.0.0.20180630_beta","v1.0.0.20180806_beta","v1.0.0.20180911_beta","v1.0.0.20181031_beta","v1.0.0.20181127_beta","v1.0.0.20181210_beta","v1.0.0.20190111_beta","v1.0.0.20190301_beta","v1.0.0.20190318_beta","v1.0.0.20190407_beta","v1.0.0.20190410_beta","v1.0.0.20190418_beta","v1.0.0.20190510_beta","v1.0.0.20190628_beta","v1.0.0.20190705_beta","v1.0.0.20190930_beta","v1.0.0.20191101_beta","v1.0.0.20191212_beta","v1.0.0.20200228_beta","v1.0.0.20200506_beta","v1.0.0.20201001_beta","v1.2.0.20210401_beta","v1.2.1.20210731_beta","v1.2.2.20211011_beta","v1.3.2.20220113","v1.3.3.20220121","v1.3.4.20220530","v1.3.5.20221214","v1.4.0.20230711","v1.5.0.20240328"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-7453.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}