| Título | emlog<=pro-1.2.2 Stored Cross-Site Scripting(XSS) |
|---|
| Descripción | The system Client doesn't properly sanitise POST parameter, which result into a Stored Cross-Site Scripting(XSS).
1,Register your account on the website and sign in
2,Add articles and write attack code, and then submit
3,The super administrator will trigger the attack code when auditing the article
https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md |
|---|
| Fuente | ⚠️ https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/emlog%3C=pro-1.2.2%20Stored%20Cross-Site%20Scripting(XSS).md |
|---|
| Usuario | webray.com.cn (UID 24778) |
|---|
| Sumisión | 2022-04-29 08:57 (hace 4 años) |
|---|
| Moderación | 2022-04-29 09:28 (31 minutes later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 198705 [Emlog Pro hasta 1.2.2 POST Parameter secuencias de comandos en sitios cruzados] |
|---|
| Puntos | 20 |
|---|