| عنوان | automad<=1.10.9 Stored Cross-Site Scripting(XSS) |
|---|
| الوصف | The system Client doesn't properly sanitise POST parameter, which result into a Stored Cross-Site Scripting(XSS).
1,After installing the program, log in to the background system, modify the website title and inject attack code, and then submit
2,Visiting the home page of the website will trigger the code
https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting(XSS).md |
|---|
| المصدر | ⚠️ https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting(XSS).md |
|---|
| المستخدم | webray.com.cn (UID 24778) |
|---|
| ارسال | 29/04/2022 11:33 AM (4 سنوات منذ) |
|---|
| الاعتدال | 29/04/2022 02:06 PM (3 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 198706 [automad حتى 1.10.9 Dashboard عنوان البرمجة عبر المواقع] |
|---|
| النقاط | 20 |
|---|