제출 #224400: Customiblock in custombock.php in fluency CMS_ XSS (Cross Site Scripting) exists for the place parameter정보

제목Customiblock in custombock.php in fluency CMS_ XSS (Cross Site Scripting) exists for the place parameter
설명Customiblock in custombock.php in fluency CMS_ XSS (Cross Site Scripting) exists for the place parameter. Vulnerable source code: if (isset($_GET['customblock_place'])) { $customblock_place = $_GET['customblock_place']; echo "<script>loadCustomBlocCreateForm('$customblock_place');</script>"; } Unfiltered parameters, which can bypass and generate xss vulnerabilities
원천⚠️ https://github.com/flusity/flusity-CMS/issues/1
사용자
 zihe (UID 56943)
제출2023. 10. 23. AM 09:50 (3 연령 ago)
모더레이션2023. 10. 26. AM 09:19 (3 days later)
상태수락
VulDB 항목243599 [flusity CMS Dashboard customblock.php loadCustomBlocCreateForm customblock_place 크로스 사이트 스크립팅]
포인트들20

이전개요다음

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!