| Title | roothub https://github.com/miansen/Roothub/tree/v2.6 2.6 XSS |
|---|---|
| Description | The source code address is: https://github.com/miansen/Roothub/tree/v2.6<br>This CMS version 2.6 has a storage XSS vulnerability that can be triggered by `"><img src=x onerror=alert(1)>`<br>In Java code: `src/main/java/cn/roothub/web/admin/SystemConfigAdminController.java`<br>There doesn't seem to be any filtering for XSS here.<br>Please see the vulnerability reproduction process: https://github.com/wandeorfu/test |
| Source | ⚠️ https://github.com/wandeorfu/test |
| User | wanderofu (UID 87839) |
| Submission | 2025. 07. 25. AM 10:52 (9 months ago) |
| Moderation | 2025. 07. 26. PM 03:18 (1 day later) |
| Status | Duplicate |
| VulDB entry | 317779 [Roothub up to 2.6 SystemConfigAdminController.java edit cross site scripting] |
| Points | 0 |