Submit #224400: Customiblock in custombock.php in fluency CMS_ XSS (Cross Site Scripting) exists for the place parameterinfo

TitelCustomiblock in custombock.php in fluency CMS_ XSS (Cross Site Scripting) exists for the place parameter
BeschreibungCustomiblock in custombock.php in fluency CMS_ XSS (Cross Site Scripting) exists for the place parameter. Vulnerable source code: if (isset($_GET['customblock_place'])) { $customblock_place = $_GET['customblock_place']; echo "<script>loadCustomBlocCreateForm('$customblock_place');</script>"; } Unfiltered parameters, which can bypass and generate xss vulnerabilities
Quelle⚠️ https://github.com/flusity/flusity-CMS/issues/1
Benutzer
 zihe (UID 56943)
Einreichung23.10.2023 09:50 (vor 3 Jahren)
Moderieren26.10.2023 09:19 (3 days later)
StatusAkzeptiert
VulDB Eintrag243599 [flusity CMS Dashboard customblock.php loadCustomBlocCreateForm customblock_place Cross Site Scripting]
Punkte20

Do you need the next level of professionalism?

Upgrade your account now!