| عنوان | continew continew-admin 3.6.0 Stored cross-site scripting |
|---|
| الوصف | The continuous admin system v3.6.0 can upload HTML files when uploading files through the "/dev api/common/file" interface, causing storage XSS. Hackers can exploit this vulnerability to steal administrator cookies, conduct phishing attacks, and cause harm |
|---|
| المصدر | ⚠️ https://github.com/uglory-gll/javasec/blob/main/continew-admin.md |
|---|
| المستخدم | uglory (UID 82151) |
|---|
| ارسال | 30/04/2025 06:13 AM (1 سنة منذ) |
|---|
| الاعتدال | 10/05/2025 05:45 PM (10 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 308298 [ContiNew Admin حتى 3.6.0 /dev-api/common/file ملف البرمجة عبر المواقع] |
|---|
| النقاط | 17 |
|---|