Submit #636627: mtons https://gitee.com/mtons/mblog <=3.5.0 Reflected XSS (information)

Title: mtons https://gitee.com/mtons/mblog <=3.5.0 Reflected XSS
Description: The /admin/role/list endpoint is used for viewing user roles in the admin panel. The search function's user-controlled name parameter has no security checks, and the output has no encoding processing, thus creating reflected XSS vulnerabilities.
Source: https://gitee.com/mtons/mblog/issues/ICPMNE
User: ZAST.AI (UID 87884)
Submission: 2025-08-18 04:34 (8 months ago)
Moderation: 2025-08-29 08:05 (11 days later)
Status: Accepted
VulDB entry: 321854 [mtons mblog up to 3.5.0 /admin/role/list Name cross site scripting]
Points: 17
