| Titel | questdb V9.2.3(latest) xss |
|---|
| Beschreibung | Vulnerability Title
There is a cross-site scripting(XSS) vulnerability in the QuestDB database
Affected Versions:
V9.2.3(latest)
Discovery Time:
2026-01-05
Discoverer:
59LAB([email protected])
Analysis Report:
installed: docker run -p 9000:9000 -p 9009:9009 -p 8812:8812 questdb/questdb image
POC
http://192.168.150.33:9000/index.html POC: select '<iframe src="data:text/html,"></iframe>' image image |
|---|
| Quelle | ⚠️ https://github.com/59lab/dbdb/blob/main/There%20is%20a%20cross-site%20scripting(XSS)%20vulnerability%20in%20the%20QuestDB%20database.md |
|---|
| Benutzer | 59lab (UID 94191) |
|---|
| Einreichung | 07.01.2026 03:27 (vor 3 Monaten) |
|---|
| Moderieren | 09.01.2026 19:34 (3 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 340357 [questdb ui bis 1.11.9 Web Console Cross Site Scripting] |
|---|
| Punkte | 20 |
|---|