Submit #473321: StarSea99 starsea-mall 1.0 Storage XSSinfo

TitleStarSea99 starsea-mall 1.0 Storage XSS
DescriptionThe system backend /admin/categories/update interface does not filter the categoryName parameter, allowing attackers to insert malicious JS files and create XSS vulnerabilities
Source⚠️ https://github.com/StarSea99/starsea-mall/issues/5
User
 LVZC4 (UID 79688)
Submission01/02/2025 08:30 AM (1 Year ago)
Moderation01/12/2025 07:18 AM (10 days later)
StatusAccepted
VulDB entry291275 [StarSea99 starsea-mall 1.0 /admin/categories/update categoryName cross site scripting]
Points15

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!