| Titolo | 长沙友点软件科技有限公司 YouDianCMS 9.5.21 Cross Site Scripting |
|---|
| Descrizione | YouDianCMS v9.5.21 has a reflected XSS vulnerability in App/Tpl/Admin/Default/Log/index.html. Attackers can add malicious JavaScript scripts to the URL, and the server will concatenate the malicious scripts into the URL and return them to the browser, ultimately causing XSS vulnerabilities |
|---|
| Fonte | ⚠️ https://github.com/zonesec0/findcve/issues/4 |
|---|
| Utente | zonesec (UID 74980) |
|---|
| Sottomissione | 26/03/2025 07:09 (1 Anno fa) |
|---|
| Moderazione | 12/04/2025 13:48 (17 days later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 304569 [YouDianCMS 9.5.21 index.html UserName/LogType cross site scripting] |
|---|
| Punti | 17 |
|---|