Soumettre #641127: mrvautin https://github.com/mrvautin/expressCart <=1.0.0 Frame Injectioninformation

Titremrvautin https://github.com/mrvautin/expressCart <=1.0.0 Frame Injection
DescriptionUser-controlled img src allows loading untrusted frames, enabling internal service probe & info gathering, content manipulation within trusted contexts.
La source⚠️ https://github.com/mrvautin/expressCart/issues/288
Utilisateur
 ZAST.AI (UID 87884)
Soumission25/08/2025 12:43 (il y a 9 mois)
Modérer01/09/2025 13:45 (7 days later)
StatutAccepté
Entrée VulDB322112 [mrvautin expressCart Edit Product Page /admin/product/edit/ élévation de privilèges]
Points15

PrécédentAperçuSuivant

Might our Artificial Intelligence support you?

Check our Alexa App!