| Titel | StarSea99 starsea-mall 1.0 Storage XSS |
|---|
| Beschreibung | The system backend /admin/categories/update interface does not filter the categoryName parameter, allowing attackers to insert malicious JS files and create XSS vulnerabilities |
|---|
| Quelle | ⚠️ https://github.com/StarSea99/starsea-mall/issues/5 |
|---|
| Benutzer | LVZC4 (UID 79688) |
|---|
| Einreichung | 02.01.2025 08:30 (vor 1 Jahr) |
|---|
| Moderieren | 12.01.2025 07:18 (10 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 291275 [StarSea99 starsea-mall 1.0 /admin/categories/update categoryName Cross Site Scripting] |
|---|
| Punkte | 15 |
|---|