Soumettre #765929: 1024-lab SmartAdmin ≤3.29 Stored Cross-Site Scripting (XSS)information

Titre1024-lab SmartAdmin ≤3.29 Stored Cross-Site Scripting (XSS)
DescriptionA Stored Cross-Site Scripting (XSS) vulnerability exists in the Help Documentation module of SmartAdmin v3.0 Enterprise Rapid Development Platform. Attackers can directly submit malicious HTML content containing JavaScript code through backend API interfaces, bypassing the frontend rich text editor’s filtering mechanism. When regular users view help documentation containing malicious content, the code executes in the victim’s browser.
La source⚠️ https://www.notion.so/SmartAdmin-Stored-Cross-Site-Scripting-XSS-in-HelpDoc-module-310ea92a3c418050852dc554e2b5b49b
Utilisateur
 din4 (UID 50867)
Soumission23/02/2026 16:48 (il y a 2 mois)
Modérer07/03/2026 13:21 (12 days later)
StatutAccepté
Entrée VulDB349664 [1024-lab/lab1024 SmartAdmin jusqu’à 3.29 Help Documentation HelpDocAddForm.java cross site scripting]
Points17

PrécédentAperçuSuivant

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!