Invia #373289: ThinkSAAS 3.7.0 Cross Site Scriptinginformazioni

TitoloThinkSAAS 3.7.0 Cross Site Scripting
DescrizioneThinkSAAS version 3.7.0 contains multiple stored Cross-Site Scripting (XSS) vulnerabilities. These vulnerabilities occur due to the lack of proper filtering of input variables in the `app/system/action/anti.php` file. The vulnerabilities are present in various functionalities such as IP filtering, Email filtering, and Phone number filtering in the admin panel's Security Center, all of which call `anti.php`.
Fonte⚠️ https://github.com/thinksaas/ThinkSAAS/issues/37
Utente
 jiashenghe (UID 39445)
Sottomissione12/07/2024 09:27 (2 anni fa)
Moderazione20/07/2024 11:46 (8 days later)
StatoAccettato
Voce VulDB272064 [ThinkSAAS 3.7.0 Admin Panel Security Center anti.php ip/email/phone cross site scripting]
Punti19

PrecedenteVisione D'ensembleIl prossimo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!