| Titolo | Vendor JSite 1.0 Stored Cross-Site Scripting Attack |
|---|
| Descrizione | Version 1.0 of JSite /sys/office/save interface has a Cross-Site Scripting (XSS)
vulnerability. Attackers can inject malicious JavaScript code through the remarks
parameter. |
|---|
| Fonte | ⚠️ https://github.com/caigo8/CVE-md/blob/main/JSite/XSS2.md |
|---|
| Utente | anshub (UID 30822) |
|---|
| Sottomissione | 14/04/2025 03:37 (1 Anno fa) |
|---|
| Moderazione | 26/04/2025 09:14 (12 days later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 306306 [baseweb JSite fino a 1.0 /sys/office/save Osservazioni cross site scripting] |
|---|
| Punti | 15 |
|---|