Submit #543082: 长沙友点软件科技有限公司 YouDianCMS 9.5.21 Cross Site Scriptinginfo

Title长沙友点软件科技有限公司 YouDianCMS 9.5.21 Cross Site Scripting
DescriptionYouDianCMS v9.5.21 has a reflected XSS vulnerability in App/Tpl/Member/Default/Order/index.html.Attackers can add malicious JavaScript scripts to the URL, and the server will concatenate the malicious scripts into the URL and return them to the browser, ultimately causing XSS vulnerabilities
Source⚠️ https://github.com/zonesec0/findcve/issues/6
User
 zonesec (UID 74980)
Submission03/26/2025 07:14 AM (12 months ago)
Moderation04/12/2025 01:48 PM (17 days later)
StatusAccepted
VulDB entry304570 [YouDianCMS 9.5.21 index.html.Attackers OrderNumber cross site scripting]
Points17

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!