| عنوان | DaiCuoCms DaiCuoCms article manage system 1.3.13 Cross Site Scripting |
|---|
| الوصف | DaiCuoCms version 1.3.13 is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. An authenticated user with access to the admin panel can inject malicious JavaScript code into article content or other editable fields. This code is then rendered and executed in the context of users who visit the affected frontend pages, potentially leading to session hijacking, phishing, or other malicious actions. The lack of proper input sanitization and output encoding makes this vulnerability exploitable. |
|---|
| المصدر | ⚠️ https://github.com/daicuo/cms/issues/1 |
|---|
| المستخدم | A13niL (UID 83935) |
|---|
| ارسال | 09/04/2025 08:25 AM (1 سنة منذ) |
|---|
| الاعتدال | 18/04/2025 04:00 PM (9 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 305648 [DaiCuo 1.3.13 SEO Optimization Settings Section البرمجة عبر المواقع] |
|---|
| النقاط | 20 |
|---|