Soumettre #379474: SeaCms V12.9 Cross Site Scriptinginformation

TitreSeaCms V12.9 Cross Site Scripting
DescriptionSeaCms V12.9 contains multiple stored XSS vulnerabilities originating from insufficient filtering of several configuration variables in data.php related to $yzm. These vulnerabilities can be exploited through the js/player/dmplayer/admin/post.php?act=setting endpoint, where multiple configuration variables within $yzm can be set.
La source⚠️ https://github.com/HuaQiPro/seacms/issues/29
Utilisateur
 jiashenghe (UID 39445)
Soumission24/07/2024 04:51 (il y a 2 ans)
Modérer27/07/2024 22:14 (4 days later)
StatutAccepté
Entrée VulDB272576 [SeaCMS 12.9/13.0 post.php?act=setting yzm cross site scripting]
Points19

PrécédentAperçuSuivant

Want to know what is going to be exploited?

We predict KEV entries!