| 제목 | WityCMS 0.6.1 "Website's name" field Stored Cross Site Scripting |
|---|
| 설명 | Stored cross-site scripting (XSS) vulnerability in the "Website's name" field found in the "Settings" page under the "General" menu in WityCMS 0.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to WityCMS/admin/settings/general. |
|---|
| 원천 | ⚠️ https://github.com/Creatiwity/wityCMS/issues/150 |
|---|
| 사용자 | nathunandwani (UID 862) |
|---|
| 제출 | 2018. 05. 28. PM 02:58 (8 연령 ago) |
|---|
| 모더레이션 | 2018. 05. 28. PM 05:52 (3 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 118269 [CreatiWity wityCMS 0.6.1 Website Name 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 18 |
|---|