| शीर्षक | Concretecms 9.3.9 XSS |
|---|
| विवरण | ConcreteCMS v9.3.9 suffers from a Stored Cross-Site Scripting (XSS) vulnerability in the Title field、Body Source field、Button Text field when adding a Feature Link block. This vulnerability allows attackers to cheat other users by injecting malicious scripts into web pages viewed by other users. |
|---|
| स्रोत | ⚠️ https://github.com/yaowenxiao721/Poc/blob/main/Concretecms/Concretecms-poc7.md |
|---|
| उपयोगकर्ता | yaowenxiao (UID 82929) |
|---|
| सबमिशन | 18/03/2025 10:24 AM (1 वर्ष पहले) |
|---|
| संयम | 30/03/2025 09:16 AM (12 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 302021 [ConcreteCMS तक 9.3.9 Feature Link Block save Title/Body Source/Button Text क्रॉस साइट स्क्रिप्टिंग] |
|---|
| अंक | 16 |
|---|