| शीर्षक | Concretecms 9.3.9 XSS |
|---|
| विवरण | ConcreteCMS v9.3.9 suffers from a Stored Cross-Site Scripting (XSS) vulnerability in the Navigation field、Title Text field、Description source field when adding a FAQ block. This vulnerability allows attackers to cheat other users by injecting malicious scripts into web pages viewed by other users. |
|---|
| स्रोत | ⚠️ https://github.com/yaowenxiao721/Poc/blob/main/Concretecms/Concretecms-poc2.md |
|---|
| उपयोगकर्ता | yaowenxiao (UID 82929) |
|---|
| सबमिशन | 18/03/2025 10:21 AM (1 वर्ष पहले) |
|---|
| संयम | 30/03/2025 09:16 AM (12 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 302016 [ConcreteCMS तक 9.3.9 FAQ Block save Navigation/Title Text/Description Source क्रॉस साइट स्क्रिप्टिंग] |
|---|
| अंक | 16 |
|---|