Submit #659789: https://gitee.com/westboy/CicadasCMS/branches CicadasCMS v1.0 Cross Site Scriptinginfo

Titelhttps://gitee.com/westboy/CicadasCMS/branches CicadasCMS v1.0 Cross Site Scripting
BeschreibungA stored cross-site scripting (XSS) vulnerability exists in CicadasCMS v1.0 that arises from the system not adequately filtering and escaping user input data before it is stored on the server. Attackers can persistently store malicious code on the server by submitting malicious script content (system administration - template management). When other users access pages containing malicious content, the script will be executed in their browsers, which may lead to risks such as session hijacking, sensitive information leakage (such as stolen cookies), malicious operation simulation, or page content tampering
Quelle⚠️ https://github.com/devastatingglamour/CVE/blob/main/CicadasCMS-XSS4.md
Benutzer
 xmttz (UID 89920)
Einreichung22.09.2025 07:41 (vor 7 Monaten)
Moderieren04.10.2025 20:25 (13 days later)
StatusAkzeptiert
VulDB Eintrag327170 [westboy CicadasCMS bis 2431154dac8d0735e04f1fd2a3c3556668fc8dab Template Management Page TemplateFileServiceImpl.java save Cross Site Scripting]
Punkte20

ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!