| Title | roothub https://github.com/miansen/Roothub/tree/v2.6 2.6 XSS |
|---|---|
| Description | The source code address is: https://github.com/miansen/Roothub/tree/v2.6<br>This CMS version 2.6 has a storage XSS vulnerability that can be triggered by `"><img src=x onerror=alert(1)>`<br>In Java code: src/main/java/cn/roothub/web/admin/SystemConfigAdminController.java<br>There doesn't seem to be any filtering for XSS here.<br>Please see the vulnerability reproduction process: https://github.com/wandeorfu/test |
| Source | ⚠️ https://github.com/wandeorfu/test |
| User | wanderofu (UID 87839) |
| Submission | 25/07/2025 10:52 AM (9 months ago) |
| Moderation | 26/07/2025 03:18 PM (1 day later) |
| Status | Duplicate |
| VulDB entry | 317779 [Roothub up to 2.6 SystemConfigAdminController.java edit cross site scripting] |
| Points | 0 |