| Title | mtons https://gitee.com/mtons/mblog <=3.5.0 Reflected XSS |
|---|---|
| Description | The /admin/role/list endpoint is used for viewing user roles in the admin panel. The search function's user-controlled name parameter has no security checks, and the output is not encoded, thus creating reflected XSS vulnerabilities. |
| Source | https://gitee.com/mtons/mblog/issues/ICPMNE |
| User | ZAST.AI (UID 87884) |
| Submission | 18.08.2025 04:34 (8 months ago) |
| Moderation | 29.08.2025 08:05 (11 days later) |
| Status | Accepted |
| VulDB entry | 321854 [mtons mblog up to 3.5.0 /admin/role/list Name Cross Site Scripting] |
| Points | 17 |