| Title | StarSea99 starsea-mall 1.0 Storage XSS |
|---|
| Description | The system backend /admin/categories/update interface does not filter the categoryName parameter, allowing attackers to insert malicious JS files and create XSS vulnerabilities |
|---|
| Source | ⚠️ https://github.com/StarSea99/starsea-mall/issues/5 |
|---|
| User | LVZC4 (UID 79688) |
|---|
| Submission | 01/02/2025 08:30 AM (4 months ago) |
|---|
| Moderation | 01/12/2025 07:18 AM (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 291275 [StarSea99 starsea-mall 1.0 /admin/categories/update categoryName cross site scripting] |
|---|
| Points | 15 |
|---|