| عنوان | 1024-lab SmartAdmin ≤3.29 Stored Cross-Site Scripting (XSS) |
|---|
| الوصف | A Stored Cross-Site Scripting (XSS) vulnerability exists in the Help Documentation module of SmartAdmin v3.0 Enterprise Rapid Development Platform. Attackers can directly submit malicious HTML content containing JavaScript code through backend API interfaces, bypassing the frontend rich text editor’s filtering mechanism. When regular users view help documentation containing malicious content, the code executes in the victim’s browser. |
|---|
| المصدر | ⚠️ https://www.notion.so/SmartAdmin-Stored-Cross-Site-Scripting-XSS-in-HelpDoc-module-310ea92a3c418050852dc554e2b5b49b |
|---|
| المستخدم | din4 (UID 50867) |
|---|
| ارسال | 23/02/2026 04:48 PM (2 أشهر منذ) |
|---|
| الاعتدال | 07/03/2026 01:21 PM (12 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 349664 [1024-lab/lab1024 SmartAdmin حتى 3.29 Help Documentation HelpDocAddForm.java البرمجة عبر المواقع] |
|---|
| النقاط | 17 |
|---|