| Titre | roothub2.6 2.6 XSS |
|---|
| Description | This CMS version 2.6 has a storage XSS vulnerability that can be triggered by "><img src=x onerror=alert(1)>
In java code:
src/main/java/cn/roothub/web/admin/SystemConfigAdminController.java
There doesn't seem to be any filtering for XSS here |
|---|
| La source | ⚠️ https://github.com/wandeorfu/test |
|---|
| Utilisateur | wanderofu (UID 87839) |
|---|
| Soumission | 25/07/2025 05:46 (il y a 9 mois) |
|---|
| Modérer | 25/07/2025 21:01 (15 hours later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 317779 [Roothub jusqu’à 2.6 SystemConfigAdminController.java edit cross site scripting] |
|---|
| Points | 15 |
|---|