| 제목 | DaiCuoCms DaiCuoCms article manage system 1.3.13 Cross Site Scripting |
|---|
| 설명 | DaiCuoCms version 1.3.13 is vulnerable to a stored Cross-Site Scripting (XSS) vulnerability. An authenticated user with access to the admin panel can inject malicious JavaScript code into article content or other editable fields. This code is then rendered and executed in the context of users who visit the affected frontend pages, potentially leading to session hijacking, phishing, or other malicious actions. The lack of proper input sanitization and output encoding makes this vulnerability exploitable. |
|---|
| 원천 | ⚠️ https://github.com/daicuo/cms/issues/1 |
|---|
| 사용자 | A13niL (UID 83935) |
|---|
| 제출 | 2025. 04. 09. AM 08:25 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 04. 18. PM 04:00 (9 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 305648 [DaiCuo 1.3.13 SEO Optimization Settings Section 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 20 |
|---|