Submit #708322: xiweicheng TMS v2.28.0 Cross Site Scriptinginfo

Titel	xiweicheng TMS v2.28.0 Cross Site Scripting
Beschreibung	TMS v2.28.0 /admin/blog/comment/create interface Cross-Site Scripting (XSS) vulnerability In TMS System version v2.28.0, the `/admin/blog/comment/create` endpoint does not apply entity encoding to user-supplied input, leading to a Cross-Site Scripting (XSS) vulnerability. https://github.com/ha1yu-Yiqiyin/warehouse/blob/main/TMS_v2.28.0_XSS-1.md
Quelle	⚠️ https://github.com/ha1yu-Yiqiyin/warehouse/blob/main/TMS_v2.28.0_XSS-1.md
Benutzer	red0_ha1yu (UID 61457)
Einreichung	07.12.2025 13:25 (vor 6 Monaten)
Moderieren	16.12.2025 21:57 (9 days later)
Status	Akzeptiert
VulDB Eintrag	336939 [xiweicheng TMS bis 2.28.0 create createComment content Cross Site Scripting]
Punkte	19

Might our Artificial Intelligence support you?

Check our Alexa App!