| शीर्षक | https://gitee.com/westboy/CicadasCMS CicadasCMS v1.0 Stored Cross-Site Scripting |
|---|
| विवरण | A security vulnerability exists in the task scheduling management module of CicadasCMS v1.0. Because the /system/schedule/save interface fails to adequately filter and escape the user-input jobName parameter when handling task saving logic, attackers can inject malicious JavaScript. This script is stored in the server database and will automatically execute in the browser environment when an administrator or a user with relevant permissions accesses the task list or scheduling monitoring page. |
|---|
| स्रोत | ⚠️ https://gitee.com/westboy/CicadasCMS/issues/IJLMAG |
|---|
| उपयोगकर्ता | DaytimeHeaven (UID 96977) |
|---|
| सबमिशन | 07/05/2026 10:01 AM (1 महीना पहले) |
|---|
| संयम | 01/06/2026 12:27 PM (25 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 367637 [westboy CicadasCMS तक 2431154dac8d0735e04f1fd2a3c3556668fc8dab Task Scheduling Management ScheduleJobController.java क्रॉस साइट स्क्रिप्टिंग] |
|---|
| अंक | 20 |
|---|