إرسال #517268: ujcms v9.7.5 stored XSSالمعلومات

عنوانujcms v9.7.5 stored XSS
الوصفThere is a vulnerability in the file upload function of the ujcms_v9.7.5 backend. The content of uploaded HTML and PDF files is not filtered or checked. When users view maliciously crafted HTML or PDF files, the embedded malicious JavaScript code will be triggered, which may lead to the theft of sensitive tokens.
المصدر⚠️ https://github.com/dromara/ujcms/issues/13
المستخدم
 icefoxh (UID 82165)
ارسال10/03/2025 03:22 AM (1 سنة منذ)
الاعتدال18/03/2025 10:20 AM (8 days later)
الحالةمكرر
إدخال VulDB299996 [Dromara ujcms 9.7.5 File Upload WebFileUploadController.java uploadZip/upload البرمجة عبر المواقع]
النقاط0

التالي نظرة عامة السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!