提出 #32739: Htmly Authenticated Stored Cross-Site Scripting(XSS)情報

タイトルHtmly Authenticated Stored Cross-Site Scripting(XSS)
説明HTMLy is an open source Databaseless Blogging Platform or Flat-File Blog prioritizes simplicity and speed written in PHP. HTMLy can be referred to as Flat-File CMS either since it will also manage your content.You do not need to use a VPS to run HTMLy, shared hosting or even free hosting should work as long as the host supports at least PHP 5.3.Htmly CMS does not filter the content correctly at the "edit profile" module, resulting in the generation of stored XSS.Add payload at the title of edit profile module (click the Save), We can see the alert.
ソース⚠️ https://github.com/liaojia-99/project/tree/main/htmly
ユーザー
 joinia (UID 24916)
送信2022年03月16日 07:31 (4 年 ago)
モデレーション2022年03月16日 07:34 (3 minutes later)
ステータス承諾済み
VulDBエントリ195203 [htmly 5.3 Edit Profile タイトル クロスサイトスクリプティング]
ポイント20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!