Invia #51298: ForUCMS XSS vulnerabilityinformazioni

TitoloForUCMS XSS vulnerability
DescrizioneConstruction environment: windows10 Phpstudy 5.3.29 Project download address: https://gitee.com/sw1981/ForU-CMS?_from=gitee_search Vulnerability File Directory C:\phpStudy\PHPTutorial\WWW\ForU-CMS-dev\admin\cms_chip.php POST receives data transmitted by users However, the process does not filter the xss attack payload input by the user c_ name value <img src="x" onerror="alert(/xss/);"> Reference link:https://github.com/whiex/c2Rhc2Rhc2Q-/blob/main/MjU1NTI1ODU4ODU%3D.docx
Fonte⚠️ https://github.com/whiex/c2Rhc2Rhc2Q-/blob/main/MjU1NTI1ODU4ODU%3D.docx
Utente
 s7eyd7 (UID 30723)
Sottomissione08/11/2022 03:53 (4 anni fa)
Moderazione11/11/2022 08:29 (3 days later)
StatoAccettato
Voce VulDB213450 [ForU CMS cms_chip.php Nome cross site scripting]
Punti20

PrecedenteVisione D'ensembleIl prossimo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!