Enviar #675436: Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System V1.0 Cross Site Scriptinginformación

TítuloSui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System V1.0 Cross Site Scripting
DescripciónDuring the security review of "Suishang Enterprise-Level B2B2C Multi-User Mall System",I discovered a reflected Cross-Site Scripting (XSS) vulnerability exists in the /i/359 endpoint of the Suishang Enterprise-Level B2B2C Multi-User Mall System. The vulnerability arises due to insufficient input sanitization of the account parameter in GET requests. Malicious actors can inject arbitrary JavaScript payloads into this parameter; when the payload is reflected back in the server’s response, it executes in the context of the victim’s browser .
Fuente⚠️ https://github.com/1276486/CVE/issues/18
Usuario
 Zre0x1c (UID 89206)
Sumisión2025-10-14 19:57 (hace 7 meses)
Moderación2025-10-26 17:33 (12 days later)
EstadoAceptado
Entrada de VulDB329958 [Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System /i/359 secuencias de comandos en sitios cruzados]
Puntos20

AnteriorVisión De ConjuntoPróximo