| Titel | sunkaifei FlyCms <=1.0.0 XSS |
|---|
| Beschreibung | In the latest version of FlyCMS, the endpoint /system/login does not encode user-controllable parameters when outputting them on the current page, resulting in Reflected XSS. This allows attackers to launch XSS attacks against users. |
|---|
| Quelle | ⚠️ https://github.com/sunkaifei/FlyCms/issues/15 |
|---|
| Benutzer | ZAST.AI (UID 87884) |
|---|
| Einreichung | 08.12.2025 08:49 (vor 5 Monaten) |
|---|
| Moderieren | 25.12.2025 13:54 (17 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 338422 [sunkaifei FlyCMS bis abbaa5a8daefb146ad4d61027035026b052cb414 Admin Login IndexAdminController.java redirectUrl Cross Site Scripting] |
|---|
| Punkte | 16 |
|---|