| Titel | Htmly Htmly CMS 3.1.0 Cross Site Scripting |
|---|
| Beschreibung | HTMLy v3.1.0 contains a stored cross-site scripting (XSS) vulnerability whereby an editor can inject malicious scripts through the label parameter within the custom fields page, resulting in the execution of arbitrary web scripts or HTML code when an administrator subsequently creates new blog posts or edits existing posts. |
|---|
| Quelle | ⚠️ https://www.notion.so/inmog/Reported-Vulnerability-XSS-Vulnerability-in-htmly-v3-1-0-2627752d1edd804fbd71f310bde44d11 |
|---|
| Benutzer | inmoyang (UID 89515) |
|---|
| Einreichung | 02.09.2025 16:47 (vor 8 Monaten) |
|---|
| Moderieren | 20.09.2025 08:54 (18 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 325113 [htmly bis 3.1.0 Custom Field /htmly/admin/field/post label Cross Site Scripting] |
|---|
| Punkte | 19 |
|---|