| Título | roothub2.6 2.6 XSS |
|---|
| Descripción | This CMS version 2.6 has a storage XSS vulnerability that can be triggered by "><img src=x onerror=alert(1)>
In java code:
src/main/java/cn/roothub/web/admin/SystemConfigAdminController.java
There doesn't seem to be any filtering for XSS here |
|---|
| Fuente | ⚠️ https://github.com/wandeorfu/test |
|---|
| Usuario | wanderofu (UID 87839) |
|---|
| Sumisión | 2025-07-25 05:46 (hace 9 meses) |
|---|
| Moderación | 2025-07-25 21:01 (15 hours later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 317779 [Roothub hasta 2.6 SystemConfigAdminController.java edit secuencias de comandos en sitios cruzados] |
|---|
| Puntos | 15 |
|---|