CicadasCMS CicadasCMS v1.0 Stored Cross-Site Scriptinginformation

Titre	https://gitee.com/westboy/CicadasCMS CicadasCMS v1.0 Stored Cross-Site Scripting
Description	A security vulnerability exists in the task scheduling management module of CicadasCMS v1.0. Because the /system/schedule/save interface fails to adequately filter and escape the user-input jobName parameter when handling task saving logic, attackers can inject malicious JavaScript. This script is stored in the server database and will automatically execute in the browser environment when an administrator or a user with relevant permissions accesses the task list or scheduling monitoring page.
La source	⚠️ https://gitee.com/westboy/CicadasCMS/issues/IJLMAG
Utilisateur	DaytimeHeaven (UID 96977)
Soumission	07/05/2026 10:01 (il y a 29 jours)
Modérer	01/06/2026 12:27 (25 days later)
Statut	Accepté
Entrée VulDB	367637 [westboy CicadasCMS Task Scheduling Management ScheduleJobController.java cross site scripting]
Points	20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!