Invia #35906: automad<=1.10.9 Stored Cross-Site Scripting(XSS)informazioni

Titoloautomad<=1.10.9 Stored Cross-Site Scripting(XSS)
DescrizioneThe system Client doesn't properly sanitise POST parameter, which result into a Stored Cross-Site Scripting(XSS). 1,After installing the program, log in to the background system, modify the website title and inject attack code, and then submit 2,Visiting the home page of the website will trigger the code https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting(XSS).md
Fonte⚠️ https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/automad%3C%3D1.10.9%20Stored%20Cross-Site%20Scripting(XSS).md
Utente
 webray.com.cn (UID 24778)
Sottomissione29/04/2022 11:33 (4 anni fa)
Moderazione29/04/2022 14:06 (3 hours later)
StatoAccettato
Voce VulDB198706 [automad fino a 1.10.9 Dashboard Titolo cross site scripting]
Punti20

PrecedenteVisione D'ensembleIl prossimo

Do you want to use VulDB in your project?

Use the official API to access entries easily!