| Title | StarSea99 starsea-mall 1.0 Storage XSS |
|---|
| Description | The system backend /admin/categories/update interface does not filter the categoryName parameter, allowing attackers to insert malicious JS files and create XSS vulnerabilities |
|---|
| Source | ⚠️ https://github.com/StarSea99/starsea-mall/issues/5 |
|---|
| User | LVZC4 (UID 79688) |
|---|
| Submission | 02.01.2025 08:30 (vor 5 Monaten) |
|---|
| Moderation | 12.01.2025 07:18 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Entry | 291275 [StarSea99 starsea-mall 1.0 /admin/categories/update categoryName Cross Site Scripting] |
|---|
| Points | 15 |
|---|