| Titre | https://gitee.com/westboy/CicadasCMS/branches CicadasCMS v1.0 Cross Site Scripting |
|---|
| Description | A stored cross-site scripting (XSS) vulnerability exists in CicadasCMS v1.0 that arises from the system not adequately filtering and escaping user input data before it is stored on the server. Attackers can persistently store malicious code on the server by submitting malicious script content (system administration - template management). When other users access pages containing malicious content, the script will be executed in their browsers, which may lead to risks such as session hijacking, sensitive information leakage (such as stolen cookies), malicious operation simulation, or page content tampering |
|---|
| La source | ⚠️ https://github.com/devastatingglamour/CVE/blob/main/CicadasCMS-XSS4.md |
|---|
| Utilisateur | xmttz (UID 89920) |
|---|
| Soumission | 22/09/2025 07:41 (il y a 7 mois) |
|---|
| Modérer | 04/10/2025 20:25 (13 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 327170 [westboy CicadasCMS Template Management Page TemplateFileServiceImpl.java save cross site scripting] |
|---|
| Points | 20 |
|---|