Submit #633635: mtons https://gitee.com/mtons/mblog <=3.5.0 Stored XSS

Title: mtons https://gitee.com/mtons/mblog <=3.5.0 Stored XSS
Description: The /settings/profile endpoint is used for editing user profile information. The user-controlled bio content parameter has no security checks, and no encoding is applied during output, thus creating stored XSS vulnerabilities.
Source: https://gitee.com/mtons/mblog/issues/ICPML3
User: ZAST.AI (UID 87884)
Submission: 13.08.2025 14:06 (9 months ago)
Moderation: 25.08.2025 08:18 (12 days later)
Status: Accepted
VulDB entry: 321245 [mtons mblog up to 3.5.0 /settings/profile signature Cross Site Scripting]
Points: 17
