wangmarket <=v6.4 Cross Site Scriptingالمعلومات

عنوان	xnx3 https://github.com/xnx3/wangmarket <=v6.4 Cross Site Scripting
الوصف	The /sits/uploadImage.do endpoint allows the uploading of XML files by default. Stored XSS can be achieved by uploading a malicious XML file. In the uploadImage function, the file extension is validated via the isAllowUpload function. The isAllowUpload function allows the uploading of XML files by default.
المصدر	⚠️ https://github.com/yuccun/CVE/blob/main/wangmarket-Upload2StoredXSS.md
المستخدم	yuccun (UID 93614)
ارسال	21/12/2025 09:39 AM (4 أشهر منذ)
الاعتدال	01/01/2026 10:52 AM (11 days later)
الحالة	تمت الموافقة
إدخال VulDB	339336 [xnx3 wangmarket حتى 6.4 XML File /sits/uploadImage.do uploadImage image تجاوز الصلاحيات]
النقاط	18

Might our Artificial Intelligence support you?

Check our Alexa App!